Allocation of resources without limits or throttling in Juniper Junos OS - CVE-2023-22403

 

Allocation of resources without limits or throttling in Juniper Junos OS - CVE-2023-22403

Published: October 25, 2023


Vulnerability identifier: #VU82389
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2023-22403
CWE-ID: CWE-770
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Juniper Networks, Inc.
Affected software:
Juniper Junos OS

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to allocation of resources without limits or throttling error in the Packet Forwarding Engine (PFE). A remote non-authenticated attacker can cause a Denial of Service (DoS).

On QFX10k Series Inter-Chassis Control Protocol (ICCP) is used in MC-LAG topologies to exchange control information between the devices in the topology. ICCP connection flaps and sync issues will be observed due to excessive specific traffic to the local device


How to mitigate CVE-2023-22403

Install updates from vendor's website.

Sources