Vulnerability Description
An Origin Validation vulnerability in MAC address validation of Juniper Networks Junos OS Evolved on PTX10001, PTX10004, PTX10008, and PTX10016 devices allows a network-adjacent attacker to bypass MAC address checking, allowing MAC addresses not intended to reach the adjacent LAN to be forwarded to the downstream network. Due to this issue, the router will start forwarding traffic if a valid route is present in forwarding-table, causing a loop and congestion in the downstream layer-2 domain connected to the device. This issue affects Juniper Networks Junos OS Evolved on PTX10001, PTX10004, PTX10008, and PTX10016: * All versions prior to 21.4R3-S5-EVO; * 22.1 versions prior to 22.1R3-S4-EVO; * 22.2 versions 22.2R1-EVO and later; * 22.3 versions prior to 22.3R2-S2-EVO, 22.3R3-S1-EVO; * 22.4 versions prior to 22.4R2-S1-EVO, 22.4R3-EVO; * 23.2 versions prior to 23.2R1-S1-EVO, 23.2R2-EVO.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Juniper | Junos Os Evolved | < 21.4 |
| Juniper | Ptx10001 | - |
| Juniper | Ptx10001-36Mr | - |
| Juniper | Ptx10004 | - |
| Juniper | Ptx10008 | - |
| Juniper | Ptx10016 | - |
Related Weaknesses (CWE)
References
- https://supportportal.juniper.net/JSA73154Vendor Advisory
- https://supportportal.juniper.net/JSA73154Vendor Advisory
FAQ
What is CVE-2023-44190?
CVE-2023-44190 is a vulnerability with a CVSS score of 6.1 (MEDIUM). An Origin Validation vulnerability in MAC address validation of Juniper Networks Junos OS Evolved on PTX10001, PTX10004, PTX10008, and PTX10016 devices allows a network-adjacent attacker to bypass MA...
How severe is CVE-2023-44190?
CVE-2023-44190 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-44190?
Check the references section above for vendor advisories and patch information. Affected products include: Juniper Junos Os Evolved, Juniper Ptx10001, Juniper Ptx10001-36Mr, Juniper Ptx10004, Juniper Ptx10008.