Main Vulnerability Database Vulnerabilities #VU82389

Allocation of resources without limits or throttling in Juniper Junos OS - CVE-2023-22403

Published: October 25, 2023

Vulnerability identifier: #VU82389

CSH Severity: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2023-22403

CWE-ID: CWE-770

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Juniper Junos OS

Software vendor:
Juniper Networks, Inc.

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to allocation of resources without limits or throttling error in the Packet Forwarding Engine (PFE). A remote non-authenticated attacker can cause a Denial of Service (DoS).

On QFX10k Series Inter-Chassis Control Protocol (ICCP) is used in MC-LAG topologies to exchange control information between the devices in the topology. ICCP connection flaps and sync issues will be observed due to excessive specific traffic to the local device

Remediation

Install updates from vendor's website.

External links

https://supportportal.juniper.net/s/article/2023-01-Security-Bulletin-Junos-OS-QFX10k-Series-ICCP-flap-will-be-observed-due-to-excessive-specific-traffic-CVE-2023-22403

Allocation of resources without limits or throttling in Juniper Junos OS - CVE-2023-22403

Description

Remediation

External links

Please verify you're human