Vulnerability-Lookup

CVE-2023-44181 (GCVE-0-2023-44181)

Vulnerability from cvelistv5 – Published: 2023-10-12 23:01 – Updated: 2024-09-18 14:43

Title

Junos OS: QFX5k: l2 loop in the overlay impacts the stability in a EVPN/VXLAN environment

Summary

An Improperly Implemented Security Check for Standard vulnerability in storm control of Juniper Networks Junos OS QFX5k devices allows packets to be punted to ARP queue causing a l2 loop resulting in a DDOS violations and DDOS syslog. This issue is triggered when Storm control is enabled and ICMPv6 packets are present on device. This issue affects Juniper Networks: Junos OS * All versions prior to 20.2R3-S6 on QFX5k; * 20.3 versions prior to 20.3R3-S5 on QFX5k; * 20.4 versions prior to 20.4R3-S5 on QFX5k; * 21.1 versions prior to 21.1R3-S4 on QFX5k; * 21.2 versions prior to 21.2R3-S3 on QFX5k; * 21.3 versions prior to 21.3R3-S2 on QFX5k; * 21.4 versions prior to 21.4R3 on QFX5k; * 22.1 versions prior to 22.1R3 on QFX5k; * 22.2 versions prior to 22.2R2 on QFX5k.

Severity ?

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

358: Improperly Implemented Security Check for Standard vulnerability
Denial of Service (DoS)

Assigner

juniper

References

URL

	Vendor	Product	Version
	Juniper Networks	Junos OS	Affected: 0 , < 20.2R3-S6 (semver) Affected: 20.3 , < 20.3R3-S5 (semver) Affected: 20.4 , < 20.4R3-S5 (semver) Affected: 21.1 , < 21.1R3-S4 (semver) Affected: 21.2 , < 21.2R3-S3 (semver) Affected: 21.3 , < 21.3R3-S2 (semver) Affected: 21.4 , < 21.4R3 (semver) Affected: 22.1 , < 22.1R3 (semver) Affected: 22.2 , < 22.2R2 (semver)

CVE-2023-44181

Vulnerability from fstec - Published: 11.10.2023

Title

Уязвимость реализации сетевого протокола ICMPv6 операционной системы Junos маршрутизаторов серии QFX5K, позволяющая нарушителю вызвать отказ в обслуживании

Description

Уязвимость реализации сетевого протокола ICMPv6 операционной системы Junos маршрутизаторов серии QFX5K связана с выполнением цикла с недоступным условием выхода при обработке файлов формата WAV/AVI. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, вызвать отказ в обслуживании

Severity ?


                    
                      AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Vendor

Juniper Networks Inc.

Software Name

JunOS

Software Version

от 20.3 до 20.3R3-S5 (JunOS), от 21.4 до 21.4R3 (JunOS), до 20.2R3-S6 (JunOS), от 20.4 до 20.4R3-S5 (JunOS), от 21.1 до 21.1R3-S4 (JunOS), от 21.2 до 21.2R3-S3 (JunOS), от 21.3 до 21.3R3-S2 (JunOS), от 22.1 до 22.1R3 (JunOS), от 22.2 до 22.2R2 (JunOS)

Possible Mitigations

Использование рекомендаций производителя: https://supportportal.juniper.net/JSA73145

Reference

https://supportportal.juniper.net/JSA73145 https://www.juniper.net/documentation/us/en/software/junos/security-services/topics/task/rate-limiting-storm-control-disabling-cli-els.html

CWE

CWE-835

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
  "CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Juniper Networks Inc.",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u043e\u0442 20.3 \u0434\u043e 20.3R3-S5 (JunOS), \u043e\u0442 21.4 \u0434\u043e 21.4R3 (JunOS), \u0434\u043e 20.2R3-S6 (JunOS), \u043e\u0442 20.4 \u0434\u043e 20.4R3-S5 (JunOS), \u043e\u0442 21.1 \u0434\u043e 21.1R3-S4 (JunOS), \u043e\u0442 21.2 \u0434\u043e 21.2R3-S3 (JunOS), \u043e\u0442 21.3 \u0434\u043e 21.3R3-S2 (JunOS), \u043e\u0442 22.1 \u0434\u043e 22.1R3 (JunOS), \u043e\u0442 22.2 \u0434\u043e 22.2R2 (JunOS)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f:\nhttps://supportportal.juniper.net/JSA73145",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "11.10.2023",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "17.10.2023",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "17.10.2023",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2023-06841",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2023-44181",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "JunOS",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Juniper Networks Inc. JunOS \u043e\u0442 20.3 \u0434\u043e 20.3R3-S5 QFX5K, Juniper Networks Inc. JunOS \u043e\u0442 21.4 \u0434\u043e 21.4R3 QFX5K, Juniper Networks Inc. JunOS \u0434\u043e 20.2R3-S6 QFX5K, Juniper Networks Inc. JunOS \u043e\u0442 20.4 \u0434\u043e 20.4R3-S5 QFX5K, Juniper Networks Inc. JunOS \u043e\u0442 21.1 \u0434\u043e 21.1R3-S4 QFX5K, Juniper Networks Inc. JunOS \u043e\u0442 21.2 \u0434\u043e 21.2R3-S3 QFX5K, Juniper Networks Inc. JunOS \u043e\u0442 21.3 \u0434\u043e 21.3R3-S2 QFX5K, Juniper Networks Inc. JunOS \u043e\u0442 22.1 \u0434\u043e 22.1R3 QFX5K, Juniper Networks Inc. JunOS \u043e\u0442 22.2 \u0434\u043e 22.2R2 QFX5K",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 ICMPv6 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Junos \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u043e\u0432 \u0441\u0435\u0440\u0438\u0438 QFX5K, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0412\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0446\u0438\u043a\u043b\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u043c \u0443\u0441\u043b\u043e\u0432\u0438\u0435\u043c \u0432\u044b\u0445\u043e\u0434\u0430 (\u0431\u0435\u0441\u043a\u043e\u043d\u0435\u0447\u043d\u044b\u0439 \u0446\u0438\u043a\u043b) (CWE-835)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 ICMPv6 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Junos \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u043e\u0432 \u0441\u0435\u0440\u0438\u0438 QFX5K \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u0446\u0438\u043a\u043b\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u043c \u0443\u0441\u043b\u043e\u0432\u0438\u0435\u043c \u0432\u044b\u0445\u043e\u0434\u0430 \u043f\u0440\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0435 \u0444\u0430\u0439\u043b\u043e\u0432 \u0444\u043e\u0440\u043c\u0430\u0442\u0430 WAV/AVI. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0418\u0441\u0447\u0435\u0440\u043f\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://supportportal.juniper.net/JSA73145 \nhttps://www.juniper.net/documentation/us/en/software/junos/security-services/topics/task/rate-limiting-storm-control-disabling-cli-els.html",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-835",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,5)"
}

FKIE_CVE-2023-44181

Vulnerability from fkie_nvd - Published: 2023-10-13 00:15 - Updated: 2024-11-21 08:25

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
sirt@juniper.net	https://supportportal.juniper.net/JSA73145	Vendor Advisory
sirt@juniper.net	https://www.juniper.net/documentation/us/en/software/junos/security-services/topics/task/rate-limiting-storm-control-disabling-cli-els.html	Technical Description
af854a3a-2127-422b-91ae-364da2661108	https://supportportal.juniper.net/JSA73145	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.juniper.net/documentation/us/en/software/junos/security-services/topics/task/rate-limiting-storm-control-disabling-cli-els.html	Technical Description

Impacted products

Vendor	Product	Version
juniper	junos	*
juniper	junos	20.2
juniper	junos	20.2
juniper	junos	20.2
juniper	junos	20.2
juniper	junos	20.2
juniper	junos	20.2
juniper	junos	20.2
juniper	junos	20.2
juniper	junos	20.2
juniper	junos	20.2
juniper	junos	20.2
juniper	junos	20.2
juniper	junos	20.2
juniper	junos	20.2
juniper	junos	20.2
juniper	junos	20.3
juniper	junos	20.3
juniper	junos	20.3
juniper	junos	20.3
juniper	junos	20.3
juniper	junos	20.3
juniper	junos	20.3
juniper	junos	20.3
juniper	junos	20.3
juniper	junos	20.3
juniper	junos	20.3
juniper	junos	20.4
juniper	junos	20.4
juniper	junos	20.4
juniper	junos	20.4
juniper	junos	20.4
juniper	junos	20.4
juniper	junos	20.4
juniper	junos	20.4
juniper	junos	20.4
juniper	junos	20.4
juniper	junos	20.4
juniper	junos	21.1
juniper	junos	21.1
juniper	junos	21.1
juniper	junos	21.1
juniper	junos	21.1
juniper	junos	21.1
juniper	junos	21.1
juniper	junos	21.1
juniper	junos	21.1
juniper	junos	21.1
juniper	junos	21.2
juniper	junos	21.2
juniper	junos	21.2
juniper	junos	21.2
juniper	junos	21.2
juniper	junos	21.2
juniper	junos	21.2
juniper	junos	21.2
juniper	junos	21.2
juniper	junos	21.2
juniper	junos	21.3
juniper	junos	21.3
juniper	junos	21.3
juniper	junos	21.3
juniper	junos	21.3
juniper	junos	21.3
juniper	junos	21.3
juniper	junos	21.3
juniper	junos	21.3
juniper	junos	21.4
juniper	junos	21.4
juniper	junos	21.4
juniper	junos	21.4
juniper	junos	21.4
juniper	junos	21.4
juniper	junos	21.4
juniper	junos	22.1
juniper	junos	22.1
juniper	junos	22.1
juniper	junos	22.1
juniper	junos	22.1
juniper	junos	22.1
juniper	junos	22.2
juniper	junos	22.2
juniper	junos	22.2
juniper	junos	22.2
juniper	qfk5110	-
juniper	qfk5120	-
juniper	qfk5130	-
juniper	qfk5200	-
juniper	qfk5210	-
juniper	qfk5220	-
juniper	qfk5230	-
juniper	qfk5700	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D5DC3ED-1843-467F-903D-2DB6CDFF06F1",
              "versionEndExcluding": "20.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "D4CF52CF-F911-4615-9171-42F84429149F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.2:r1:*:*:*:*:*:*",
              "matchCriteriaId": "CD07B7E2-F5C2-4610-9133-FDA9E66DFF4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "D3C23AEB-34DE-44FB-8D64-E69D6E8B7401",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s2:*:*:*:*:*:*",
              "matchCriteriaId": "18DB9401-5A51-4BB3-AC2F-58F58F1C788C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s3:*:*:*:*:*:*",
              "matchCriteriaId": "06F53DA5-59AE-403C-9B1E-41CE267D8BB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.2:r2:*:*:*:*:*:*",
              "matchCriteriaId": "3332262F-81DA-4D78-99C9-514CADA46611",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.2:r2-s1:*:*:*:*:*:*",
              "matchCriteriaId": "B46B63A2-1518-4A29-940C-F05624C9658D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.2:r2-s2:*:*:*:*:*:*",
              "matchCriteriaId": "8E0D4959-3865-42A7-98CD-1103EBD84528",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.2:r2-s3:*:*:*:*:*:*",
              "matchCriteriaId": "3A58292B-814C-49E7-8D6D-BE26EFB9ADDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.2:r3:*:*:*:*:*:*",
              "matchCriteriaId": "681AE183-7183-46E7-82EA-28C398FA1C3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.2:r3-s1:*:*:*:*:*:*",
              "matchCriteriaId": "8A6E9627-8BF1-4BE8-844B-EE8F1C9478F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.2:r3-s2:*:*:*:*:*:*",
              "matchCriteriaId": "0A80F23B-CD13-4745-BA92-67C23B297A18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.2:r3-s3:*:*:*:*:*:*",
              "matchCriteriaId": "67D4004B-1233-4258-9C7A-F05189146B44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.2:r3-s4:*:*:*:*:*:*",
              "matchCriteriaId": "69E33F24-D480-4B5F-956D-D435A551CBE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.2:r3-s5:*:*:*:*:*:*",
              "matchCriteriaId": "6E5E3FDB-3F33-4686-9B64-0152AD41939D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.3:-:*:*:*:*:*:*",
              "matchCriteriaId": "03009CC1-21AC-4A46-A747-D0C67FCD41DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.3:r1:*:*:*:*:*:*",
              "matchCriteriaId": "5C9BC697-C7C9-447D-9EBD-E9711462583E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.3:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "7B80433B-57B1-49EF-B1A1-83781D6102E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.3:r1-s2:*:*:*:*:*:*",
              "matchCriteriaId": "A352BB7A-6F17-4E64-BC02-1A7E4CD42653",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.3:r2:*:*:*:*:*:*",
              "matchCriteriaId": "05D8427C-CDDE-4B2F-9CB8-41B9137660E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.3:r2-s1:*:*:*:*:*:*",
              "matchCriteriaId": "F3DC01F2-6DFE-4A8E-9962-5E59AA965935",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.3:r3:*:*:*:*:*:*",
              "matchCriteriaId": "7DA0E196-925E-4056-B411-E158702D5D4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.3:r3-s1:*:*:*:*:*:*",
              "matchCriteriaId": "E33A522F-E35C-4473-9CBD-9C6E5A831086",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.3:r3-s2:*:*:*:*:*:*",
              "matchCriteriaId": "E9AE26EB-699B-4B10-87E2-9E731B820F32",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.3:r3-s3:*:*:*:*:*:*",
              "matchCriteriaId": "A29E0070-47E9-43DD-9303-C732FE8CC851",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.3:r3-s4:*:*:*:*:*:*",
              "matchCriteriaId": "A5E7E8D2-5D08-492E-84FC-8803E50F2CA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.4:-:*:*:*:*:*:*",
              "matchCriteriaId": "3D361B23-A3C2-444B-BEB8-E231DA950567",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:*",
              "matchCriteriaId": "20DDC6B7-BFC4-4F0B-8E68-442C23765BF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "037BA01C-3F5C-4503-A633-71765E9EF774",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.4:r2:*:*:*:*:*:*",
              "matchCriteriaId": "C54B047C-4B38-40C0-9855-067DCF7E48BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.4:r2-s1:*:*:*:*:*:*",
              "matchCriteriaId": "38984199-E332-4A9C-A4C0-78083D052E15",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.4:r2-s2:*:*:*:*:*:*",
              "matchCriteriaId": "AA6526FB-2941-4D18-9B2E-472AD5A62A53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.4:r3:*:*:*:*:*:*",
              "matchCriteriaId": "09876787-A40A-4340-9C12-8628C325353B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s1:*:*:*:*:*:*",
              "matchCriteriaId": "41615104-C17E-44DA-AB0D-6E2053BD4EF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s2:*:*:*:*:*:*",
              "matchCriteriaId": "1981DE38-36B5-469D-917E-92717EE3ED53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s3:*:*:*:*:*:*",
              "matchCriteriaId": "AFA68ACD-AAE5-4577-B734-23AAF77BC85A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s4:*:*:*:*:*:*",
              "matchCriteriaId": "65948ABC-22BB-46D5-8545-0806EDB4B86E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "6FDB5B7D-FB37-47E3-8678-B9ED578CCA5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "625BA7E6-D2AD-4A48-9B94-24328BE5B06A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.1:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "F462F4E3-762C-429F-8D25-5521100DD37C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "C0BC9DAC-D6B5-4C5E-8C73-6E550D9A30F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.1:r2-s1:*:*:*:*:*:*",
              "matchCriteriaId": "689FE1AE-7A85-4FB6-AB02-E732F23581B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.1:r2-s2:*:*:*:*:*:*",
              "matchCriteriaId": "79E56DAC-75AD-4C81-9835-634B40C15DA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "A0040FE2-7ECD-4755-96CE-E899BA298E0C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s1:*:*:*:*:*:*",
              "matchCriteriaId": "076AB086-BB79-4583-AAF7-A5233DFB2F95",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s2:*:*:*:*:*:*",
              "matchCriteriaId": "72E2DDF6-01DF-4880-AB60-B3DA3281E88D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s3:*:*:*:*:*:*",
              "matchCriteriaId": "54010163-0810-4CF5-95FE-7E62BC6CA4F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "216E7DDE-453D-481F-92E2-9F8466CDDA3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*",
              "matchCriteriaId": "A52AF794-B36B-43A6-82E9-628658624B0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "3998DC76-F72F-4452-9150-652140B113EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:*",
              "matchCriteriaId": "36ED4552-2420-45F9-B6E4-6DA2B2B12870",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.2:r2:*:*:*:*:*:*",
              "matchCriteriaId": "C28A14E7-7EA0-4757-9764-E39A27CFDFA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s1:*:*:*:*:*:*",
              "matchCriteriaId": "4A43752D-A4AF-4B4E-B95B-192E42883A5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s2:*:*:*:*:*:*",
              "matchCriteriaId": "42986538-E9D0-4C2E-B1C4-A763A4EE451B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.2:r3:*:*:*:*:*:*",
              "matchCriteriaId": "DE22CA01-EA7E-4EE5-B59F-EE100688C1DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s1:*:*:*:*:*:*",
              "matchCriteriaId": "E596ABD9-6ECD-48DC-B770-87B7E62EA345",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s2:*:*:*:*:*:*",
              "matchCriteriaId": "71745D02-D226-44DC-91AD-678C85F5E6FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.3:-:*:*:*:*:*:*",
              "matchCriteriaId": "2E7D597D-F6B6-44C3-9EBC-4FA0686ACB5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.3:r1:*:*:*:*:*:*",
              "matchCriteriaId": "CC78A4CB-D617-43FC-BB51-287D2D0C44ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.3:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "30FF67F8-1E3C-47A8-8859-709B3614BA6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.3:r1-s2:*:*:*:*:*:*",
              "matchCriteriaId": "0C7C507E-C85E-4BC6-A3B0-549516BAB524",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.3:r2:*:*:*:*:*:*",
              "matchCriteriaId": "6514CDE8-35DC-469F-89A3-078684D18F7A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.3:r2-s1:*:*:*:*:*:*",
              "matchCriteriaId": "4624565D-8F59-44A8-B7A8-01AD579745E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.3:r2-s2:*:*:*:*:*:*",
              "matchCriteriaId": "4BF8CD82-C338-4D9A-8C98-FCB3CEAA9227",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.3:r3:*:*:*:*:*:*",
              "matchCriteriaId": "57E08E70-1AF3-4BA5-9A09-06DFE9663ADE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s1:*:*:*:*:*:*",
              "matchCriteriaId": "255B6F20-D32F-42C1-829C-AE9C7923558A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*",
              "matchCriteriaId": "79ED3CE8-CC57-43AB-9A26-BBC87816062D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*",
              "matchCriteriaId": "4310D2D9-A8A6-48F8-9384-0A0692A1E1C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "9962B01C-C57C-4359-9532-676AB81CE8B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*",
              "matchCriteriaId": "62178549-B679-4902-BFDB-2993803B7FCE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*",
              "matchCriteriaId": "9AD697DF-9738-4276-94ED-7B9380CD09F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:*",
              "matchCriteriaId": "09FF5818-0803-4646-A386-D7C645EE58A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:*",
              "matchCriteriaId": "2229FA59-EB24-49A2-85CE-F529A8DE6BA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:22.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "3F96EBE9-2532-4E35-ABA5-CA68830476A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "B4D936AE-FD74-4823-A824-2D9F24C25BFB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s2:*:*:*:*:*:*",
              "matchCriteriaId": "E117E493-F4E1-4568-88E3-F243C74A2662",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:22.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "01E3E308-FD9C-4686-8C35-8472A0E99F0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:22.1:r2-s1:*:*:*:*:*:*",
              "matchCriteriaId": "3683A8F5-EE0E-4936-A005-DF7F6B75DED3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:22.1:r2-s2:*:*:*:*:*:*",
              "matchCriteriaId": "1B615DBA-8C53-41D4-B264-D3EED8578471",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:22.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "06156CD6-09D3-4A05-9C5E-BC64A70640F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*",
              "matchCriteriaId": "E949B21B-AD62-4022-9088-06313277479E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "8D862E6F-0D01-4B25-8340-888C30F75A2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*",
              "matchCriteriaId": "2F28F73E-8563-41B9-A313-BBAAD5B57A67",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:juniper:qfk5110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "86C7E154-9273-4FB0-BF75-BD2BD79F457D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:qfk5120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "32D0AE1E-12D6-4B91-A8B8-C3A451F58F45",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:qfk5130:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7F920B8-83D2-478E-8F97-163D924F5021",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:qfk5200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "67B037F5-8C56-453B-8CE2-D7D3AEF5D467",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:qfk5210:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6329B6E-83D8-4F53-A204-9F53042DFAA7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:qfk5220:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "945B38BD-F339-48F9-B033-FBCDF62E73B5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:qfk5230:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B0CAA01-194D-4E89-BA95-226787517F78",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:qfk5700:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "84F42D80-6D50-4136-9988-E9231BB59EA3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "\nAn Improperly Implemented Security Check for Standard vulnerability in storm control of Juniper Networks Junos OS QFX5k devices allows packets to be punted to ARP queue causing a l2 loop resulting in a DDOS violations and DDOS syslog.\n\nThis issue is triggered when Storm control is enabled and ICMPv6 packets are present on device.\n\nThis issue affects Juniper Networks:\n\nJunos OS\n\n\n\n  *  All versions prior to 20.2R3-S6 on QFX5k;\n  *  20.3 versions prior to 20.3R3-S5 on QFX5k;\n  *  20.4 versions prior to 20.4R3-S5 on QFX5k;\n  *  21.1 versions prior to 21.1R3-S4 on QFX5k;\n  *  21.2 versions prior to 21.2R3-S3 on QFX5k;\n  *  21.3 versions prior to 21.3R3-S2 on QFX5k;\n  *  21.4 versions prior to 21.4R3 on QFX5k;\n  *  22.1 versions prior to 22.1R3 on QFX5k;\n  *  22.2 versions prior to 22.2R2 on QFX5k.\n\n\n\n\n\n\n"
    },
    {
      "lang": "es",
      "value": "Una verificaci\u00f3n de seguridad implementada incorrectamente para una vulnerabilidad est\u00e1ndar en el control de tormentas de los dispositivos Junos OS QFX5k de Juniper Networks permite que los paquetes se env\u00eden a la cola ARP, lo que provoca un bucle l2 que genera violaciones de DDOS y un registro del sistema DDOS. Este problema se activa cuando el control de tormentas est\u00e1 habilitado y hay paquetes ICMPv6 presentes en el dispositivo. Este problema afecta a Juniper Networks: Junos OS * Todas las versiones anteriores a 20.2R3-S6 en QFX5k; * Versiones 20.3 anteriores a 20.3R3-S5 en QFX5k; * Versiones 20.4 anteriores a 20.4R3-S5 en QFX5k; * Versiones 21.1 anteriores a 21.1R3-S4 en QFX5k; * Versiones 21.2 anteriores a 21.2R3-S3 en QFX5k; * Versiones 21.3 anteriores a 21.3R3-S2 en QFX5k; * Versiones 21.4 anteriores a 21.4R3 en QFX5k; * Versiones 22.1 anteriores a 22.1R3 en QFX5k; * Versiones 22.2 anteriores a 22.2R2 en QFX5k."
    }
  ],
  "id": "CVE-2023-44181",
  "lastModified": "2024-11-21T08:25:23.000",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "sirt@juniper.net",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-10-13T00:15:11.837",
  "references": [
    {
      "source": "sirt@juniper.net",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://supportportal.juniper.net/JSA73145"
    },
    {
      "source": "sirt@juniper.net",
      "tags": [
        "Technical Description"
      ],
      "url": "https://www.juniper.net/documentation/us/en/software/junos/security-services/topics/task/rate-limiting-storm-control-disabling-cli-els.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://supportportal.juniper.net/JSA73145"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Technical Description"
      ],
      "url": "https://www.juniper.net/documentation/us/en/software/junos/security-services/topics/task/rate-limiting-storm-control-disabling-cli-els.html"
    }
  ],
  "sourceIdentifier": "sirt@juniper.net",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-835"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2023-44181

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Aliases

CVE-2023-44181

Aliases

CVE-2023-44181

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2023-44181",
    "id": "GSD-2023-44181"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2023-44181"
      ],
      "details": "\nAn Improperly Implemented Security Check for Standard vulnerability in storm control of Juniper Networks Junos OS QFX5k devices allows packets to be punted to ARP queue causing a l2 loop resulting in a DDOS violations and DDOS syslog.\n\nThis issue is triggered when Storm control is enabled and ICMPv6 packets are present on device.\n\nThis issue affects Juniper Networks:\n\nJunos OS\n\n\n\n  *  All versions prior to 20.2R3-S6 on QFX5k;\n  *  20.3 versions prior to 20.3R3-S5 on QFX5k;\n  *  20.4 versions prior to 20.4R3-S5 on QFX5k;\n  *  21.1 versions prior to 21.1R3-S4 on QFX5k;\n  *  21.2 versions prior to 21.2R3-S3 on QFX5k;\n  *  21.3 versions prior to 21.3R3-S2 on QFX5k;\n  *  21.4 versions prior to 21.4R3 on QFX5k;\n  *  22.1 versions prior to 22.1R3 on QFX5k;\n  *  22.2 versions prior to 22.2R2 on QFX5k.\n\n\n\n\n\n\n",
      "id": "GSD-2023-44181",
      "modified": "2023-12-13T01:20:38.759987Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "sirt@juniper.net",
        "ID": "CVE-2023-44181",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Junos OS",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_name": "0",
                          "version_value": "20.2R3-S6"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "20.3",
                          "version_value": "20.3R3-S5"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "20.4",
                          "version_value": "20.4R3-S5"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "21.1",
                          "version_value": "21.1R3-S4"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "21.2",
                          "version_value": "21.2R3-S3"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "21.3",
                          "version_value": "21.3R3-S2"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "21.4",
                          "version_value": "21.4R3"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "22.1",
                          "version_value": "22.1R3"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "22.2",
                          "version_value": "22.2R2"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Juniper Networks"
            }
          ]
        }
      },
      "configuration": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eThis issue might be seen if the following conditions are met on Junos OS QFX5k platforms:\u003c/p\u003e\u003cp\u003eEnabling storm-control\u003c/p\u003e\u003cp\u003eFor example : \u003c/p\u003e\u003ctt\u003e[forwarding-options set storm-control-profiles profile-name all bandwidth-level kbps]\u003cbr\u003e\u003c/tt\u003e\u003ctt\u003e[edit set interfaces interface-name unit 0 family ethernet-switching storm-control profile-name ]\u003c/tt\u003e"
            }
          ],
          "value": "This issue might be seen if the following conditions are met on Junos OS QFX5k platforms:\n\nEnabling storm-control\n\nFor example : \n\n[forwarding-options set storm-control-profiles profile-name all bandwidth-level kbps]\n[edit set interfaces interface-name unit 0 family ethernet-switching storm-control profile-name ]"
        }
      ],
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "\nAn Improperly Implemented Security Check for Standard vulnerability in storm control of Juniper Networks Junos OS QFX5k devices allows packets to be punted to ARP queue causing a l2 loop resulting in a DDOS violations and DDOS syslog.\n\nThis issue is triggered when Storm control is enabled and ICMPv6 packets are present on device.\n\nThis issue affects Juniper Networks:\n\nJunos OS\n\n\n\n  *  All versions prior to 20.2R3-S6 on QFX5k;\n  *  20.3 versions prior to 20.3R3-S5 on QFX5k;\n  *  20.4 versions prior to 20.4R3-S5 on QFX5k;\n  *  21.1 versions prior to 21.1R3-S4 on QFX5k;\n  *  21.2 versions prior to 21.2R3-S3 on QFX5k;\n  *  21.3 versions prior to 21.3R3-S2 on QFX5k;\n  *  21.4 versions prior to 21.4R3 on QFX5k;\n  *  22.1 versions prior to 22.1R3 on QFX5k;\n  *  22.2 versions prior to 22.2R2 on QFX5k.\n\n\n\n\n\n\n"
          }
        ]
      },
      "exploit": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eJuniper SIRT is not aware of any malicious exploitation of this vulnerability.\u003c/p\u003e"
            }
          ],
          "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\n\n"
        }
      ],
      "generator": {
        "engine": "Vulnogram 0.1.0-av217"
      },
      "impact": {
        "cvss": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "358: Improperly Implemented Security Check for Standard vulnerability"
              }
            ]
          },
          {
            "description": [
              {
                "lang": "eng",
                "value": "Denial of Service (DoS)"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://supportportal.juniper.net/JSA73145",
            "refsource": "MISC",
            "url": "https://supportportal.juniper.net/JSA73145"
          },
          {
            "name": "https://www.juniper.net/documentation/us/en/software/junos/security-services/topics/task/rate-limiting-storm-control-disabling-cli-els.html",
            "refsource": "MISC",
            "url": "https://www.juniper.net/documentation/us/en/software/junos/security-services/topics/task/rate-limiting-storm-control-disabling-cli-els.html"
          }
        ]
      },
      "solution": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eThe following software releases have been updated to resolve this specific issue:\u0026nbsp;\u003cspan style=\"background-color: var(--darkreader-bg--wht);\"\u003eJunos OS 20.2R3-S6, 20.3R3-S5, 20.4R3-S5, 21.1R3-S4, 21.2R3-S3, 21.3R3-S2, 21.4R3, 22.1R3, 22.2R2, 22.3R1, and all subsequent releases.\u003c/span\u003e\u003c/p\u003e"
            }
          ],
          "value": "The following software releases have been updated to resolve this specific issue:\u00a0Junos OS 20.2R3-S6, 20.3R3-S5, 20.4R3-S5, 21.1R3-S4, 21.2R3-S3, 21.3R3-S2, 21.4R3, 22.1R3, 22.2R2, 22.3R1, and all subsequent releases.\n\n"
        }
      ],
      "source": {
        "advisory": "JSA73145",
        "defect": [
          "1670242"
        ],
        "discovery": "USER"
      },
      "work_around": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eDisable storm control configuration.\u003c/p\u003e"
            }
          ],
          "value": "Disable storm control configuration.\n\n"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "20.2",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r3-s5:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r1-s1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r1-s2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r1-s3:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r2-s1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r2-s2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r2-s3:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r3:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r3-s1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r3-s2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r3-s3:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:-:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r3-s4:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:20.3:r1-s2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:20.3:r3-s3:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:20.3:r3-s2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:20.3:-:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:20.3:r3-s4:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:20.3:r3-s1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:20.3:r3:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:20.3:r2-s1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:20.3:r2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:20.3:r1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:20.3:r1-s1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:20.4:r2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:20.4:r3:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:20.4:r3-s1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:20.4:r2-s2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:20.4:r2-s1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:20.4:r3-s4:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:20.4:r3-s3:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:20.4:r3-s2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:20.4:-:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:21.1:-:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:21.1:r2-s2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:21.1:r3-s1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:21.1:r3-s2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:21.1:r1-s1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:21.1:r3:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:21.1:r2-s1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:21.1:r2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:21.1:r1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:21.1:r3-s3:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:21.2:r2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:21.2:r3-s2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:21.2:r3-s1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:21.2:r3:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:21.2:r2-s1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:21.2:r2-s2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:21.3:r1-s1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:21.3:r1-s2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:21.3:r2-s1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:21.3:r2-s2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:21.3:-:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:21.3:r3:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:21.3:r3-s1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:21.3:r1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:21.3:r2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:22.1:r2-s1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:22.1:r1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:22.1:r1-s1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:22.1:r2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:22.1:r1-s2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:22.1:r2-s2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:22.2:-:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:qfk5110:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:qfk5120:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:qfk5130:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:qfk5200:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:qfk5210:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:qfk5220:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:qfk5230:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:qfk5700:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "sirt@juniper.net",
          "ID": "CVE-2023-44181"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "\nAn Improperly Implemented Security Check for Standard vulnerability in storm control of Juniper Networks Junos OS QFX5k devices allows packets to be punted to ARP queue causing a l2 loop resulting in a DDOS violations and DDOS syslog.\n\nThis issue is triggered when Storm control is enabled and ICMPv6 packets are present on device.\n\nThis issue affects Juniper Networks:\n\nJunos OS\n\n\n\n  *  All versions prior to 20.2R3-S6 on QFX5k;\n  *  20.3 versions prior to 20.3R3-S5 on QFX5k;\n  *  20.4 versions prior to 20.4R3-S5 on QFX5k;\n  *  21.1 versions prior to 21.1R3-S4 on QFX5k;\n  *  21.2 versions prior to 21.2R3-S3 on QFX5k;\n  *  21.3 versions prior to 21.3R3-S2 on QFX5k;\n  *  21.4 versions prior to 21.4R3 on QFX5k;\n  *  22.1 versions prior to 22.1R3 on QFX5k;\n  *  22.2 versions prior to 22.2R2 on QFX5k.\n\n\n\n\n\n\n"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-835"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.juniper.net/documentation/us/en/software/junos/security-services/topics/task/rate-limiting-storm-control-disabling-cli-els.html",
              "refsource": "MISC",
              "tags": [
                "Technical Description"
              ],
              "url": "https://www.juniper.net/documentation/us/en/software/junos/security-services/topics/task/rate-limiting-storm-control-disabling-cli-els.html"
            },
            {
              "name": "https://supportportal.juniper.net/JSA73145",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://supportportal.juniper.net/JSA73145"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2023-10-20T12:21Z",
      "publishedDate": "2023-10-13T00:15Z"
    }
  }
}

GHSA-9JRM-QW53-PVVC

Vulnerability from github – Published: 2023-10-13 00:30 – Updated: 2024-04-04 08:36

Details

This issue is triggered when Storm control is enabled and ICMPv6 packets are present on device.

This issue affects Juniper Networks:

Junos OS

All versions prior to 20.2R3-S6 on QFX5k;
20.3 versions prior to 20.3R3-S5 on QFX5k;
20.4 versions prior to 20.4R3-S5 on QFX5k;
21.1 versions prior to 21.1R3-S4 on QFX5k;
21.2 versions prior to 21.2R3-S3 on QFX5k;
21.3 versions prior to 21.3R3-S2 on QFX5k;
21.4 versions prior to 21.4R3 on QFX5k;
22.1 versions prior to 22.1R3 on QFX5k;
22.2 versions prior to 22.2R2 on QFX5k.

Severity ?

7.5 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2023-44181"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-835"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-10-13T00:15:11Z",
    "severity": "HIGH"
  },
  "details": "\nAn Improperly Implemented Security Check for Standard vulnerability in storm control of Juniper Networks Junos OS QFX5k devices allows packets to be punted to ARP queue causing a l2 loop resulting in a DDOS violations and DDOS syslog.\n\nThis issue is triggered when Storm control is enabled and ICMPv6 packets are present on device.\n\nThis issue affects Juniper Networks:\n\nJunos OS\n\n\n\n  *  All versions prior to 20.2R3-S6 on QFX5k;\n  *  20.3 versions prior to 20.3R3-S5 on QFX5k;\n  *  20.4 versions prior to 20.4R3-S5 on QFX5k;\n  *  21.1 versions prior to 21.1R3-S4 on QFX5k;\n  *  21.2 versions prior to 21.2R3-S3 on QFX5k;\n  *  21.3 versions prior to 21.3R3-S2 on QFX5k;\n  *  21.4 versions prior to 21.4R3 on QFX5k;\n  *  22.1 versions prior to 22.1R3 on QFX5k;\n  *  22.2 versions prior to 22.2R2 on QFX5k.\n\n\n\n\n\n\n",
  "id": "GHSA-9jrm-qw53-pvvc",
  "modified": "2024-04-04T08:36:42Z",
  "published": "2023-10-13T00:30:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44181"
    },
    {
      "type": "WEB",
      "url": "https://supportportal.juniper.net/JSA73145"
    },
    {
      "type": "WEB",
      "url": "https://www.juniper.net/documentation/us/en/software/junos/security-services/topics/task/rate-limiting-storm-control-disabling-cli-els.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

CERTFR-2023-AVI-0836

Vulnerability from certfr_avis - Published: 2023-10-12 - Updated: 2023-10-12

De multiples vulnérabilités ont été découvertes dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Juniper Networks	Junos OS	Junos OS séries QFX5000 versions antérieures à 20.4R3-S6, 21.1R3-S5, 21.2R3-S5, 21.3R3-S4, 21.4R3-S3, 22.1R3-S2, 22.2R2-S2, 22.2R3, 22.3R2-S1, 22.3R3, 22.4R1-S2, 22.4R2, 23.2R1
Juniper Networks	Junos OS	Junos OS sur les séries MX versions antérieures à 20.4R3-S7, 21.1R3-S5, 21.2R3-S4, 21.3R3-S4, 21.4R3-S3, 22.1R3-S1, 22.2R2-S1, 22.2R3, 22.3R1-S2, 22.3R2, 22.4R1
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions antérieures à 20.4R3-S8-EVO, 21.1R3-S2-EVO, 21.2R3-S6-EVO, 21.3R3-S5-EVO, 21.4R3-S5-EVO, 22.1R3-S4-EVO, 22.2R3-S3-EVO, 22.3R3-S1-EVO, 22.4R3-EVO, 23.1R2-EVO, 23.2R1-S1-EVO, 23.2R2-EVO, 23.3R1-EVO
Juniper Networks	Junos OS	Junos OS versions antérieures à 20.2R3-S6, 20.3R3-S5, 20.4R3-S9, 21.1R3-S5, 21.2R3-S6, 21.3R3-S5, 21.4R3-S5, 22.1R3-S4, 22.2R2-S2, 22.2R3-S2, 22.3R1-S2, 22.3R2-S2, 22.3R3-S1, 22.4R1-S2, 22.4R2-S2, 22.4R3, 23.1R2, 23.2R2, 23.3R1,

References

Title

Publication Time

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2023-44181 (GCVE-0-2023-44181)

CVE-2023-44181

FKIE_CVE-2023-44181

GSD-2023-44181

GHSA-9JRM-QW53-PVVC

CERTFR-2023-AVI-0836

Solution

Tags

Sightings

Nomenclature