CVE-2023-44181 — HIGH (7.5)

Q: How severe is CVE-2023-44181?

CVE-2023-44181 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2023-44181?

Check the references section above for vendor advisories and patch information. Affected products include: Juniper Junos, Juniper Qfk5110, Juniper Qfk5120, Juniper Qfk5130, Juniper Qfk5200.

Vulnerability Description

An Improperly Implemented Security Check for Standard vulnerability in storm control of Juniper Networks Junos OS QFX5k devices allows packets to be punted to ARP queue causing a l2 loop resulting in a DDOS violations and DDOS syslog. This issue is triggered when Storm control is enabled and ICMPv6 packets are present on device. This issue affects Juniper Networks: Junos OS * All versions prior to 20.2R3-S6 on QFX5k; * 20.3 versions prior to 20.3R3-S5 on QFX5k; * 20.4 versions prior to 20.4R3-S5 on QFX5k; * 21.1 versions prior to 21.1R3-S4 on QFX5k; * 21.2 versions prior to 21.2R3-S3 on QFX5k; * 21.3 versions prior to 21.3R3-S2 on QFX5k; * 21.4 versions prior to 21.4R3 on QFX5k; * 22.1 versions prior to 22.1R3 on QFX5k; * 22.2 versions prior to 22.2R2 on QFX5k.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Juniper	Junos	< 20.2
Juniper	Qfk5110	-
Juniper	Qfk5120	-
Juniper	Qfk5130	-
Juniper	Qfk5200	-
Juniper	Qfk5210	-
Juniper	Qfk5220	-
Juniper	Qfk5230	-
Juniper	Qfk5700	-

Related Weaknesses (CWE)

CWE-835

References

https://supportportal.juniper.net/JSA73145Vendor Advisory
https://www.juniper.net/documentation/us/en/software/junos/security-services/topTechnical Description
https://supportportal.juniper.net/JSA73145Vendor Advisory
https://www.juniper.net/documentation/us/en/software/junos/security-services/topTechnical Description

FAQ

What is CVE-2023-44181?

CVE-2023-44181 is a vulnerability with a CVSS score of 7.5 (HIGH). An Improperly Implemented Security Check for Standard vulnerability in storm control of Juniper Networks Junos OS QFX5k devices allows packets to be punted to ARP queue causing a l2 loop resulting in...

How severe is CVE-2023-44181?

CVE-2023-44181 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-44181?

Check the references section above for vendor advisories and patch information. Affected products include: Juniper Junos, Juniper Qfk5110, Juniper Qfk5120, Juniper Qfk5130, Juniper Qfk5200.