Vulnerability Description
An Improper Handling of Missing Values vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker to cause a dcpfe process core and thereby a Denial of Service (DoS). Continued receipt of these specific frames will cause a sustained Denial of Service condition. This issue occurs when a specific malformed ethernet frame is received. This issue affects Juniper Networks Junos OS on QFX10000 Series, PTX1000 Series Series: All versions prior to 19.4R3-S10; 20.1 version 20.1R1 and later versions; 20.2 versions prior to 20.2R3-S6; 20.3 versions prior to 20.3R3-S6; 20.4 versions prior to 20.4R3-S5; 21.1 versions prior to 21.1R3-S4; 21.2 versions prior to 21.2R3-S3; 21.3 versions prior to 21.3R3-S3; 21.4 versions prior to 21.4R3-S1; 22.1 versions prior to 22.1R2-S1, 22.1R3; 22.2 versions prior to 22.2R1-S2, 22.2R2.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Juniper | Junos | < 19.4 |
| Juniper | Ptx1000 | - |
| Juniper | Qfx10000 | - |
| Juniper | Qfx10002 | - |
| Juniper | Qfx10008 | - |
| Juniper | Qfx10016 | - |
Related Weaknesses (CWE)
References
- https://supportportal.juniper.net/JSA70612Vendor Advisory
- https://supportportal.juniper.net/JSA70612Vendor Advisory
FAQ
What is CVE-2023-1697?
CVE-2023-1697 is a vulnerability with a CVSS score of 6.5 (MEDIUM). An Improper Handling of Missing Values vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker to cause a dcpfe process core and t...
How severe is CVE-2023-1697?
CVE-2023-1697 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-1697?
Check the references section above for vendor advisories and patch information. Affected products include: Juniper Junos, Juniper Ptx1000, Juniper Qfx10000, Juniper Qfx10002, Juniper Qfx10008.