Lucene search

JuniperCVE-2023-22403

HistoryJan 13, 2023 - 12:15 a.m.

CVE-2023-22403

2023-01-1300:15:10

CWE-770

juniper

web.nvd.nist.gov

juniper networks

junos os

vulnerability

dos

nvd

cve-2023-22403

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

40.4%

JSON

An Allocation of Resources Without Limits or Throttling vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS).

On QFX10K Series, Inter-Chassis Control Protocol (ICCP) is used in MC-LAG topologies to exchange control information between the devices in the topology. ICCP connection flaps and sync issues will be observed due to excessive specific traffic to the local device.

This issue affects Juniper Networks Junos OS on QFX10K Series:

All versions prior to 20.2R3-S7;
20.4 versions prior to 20.4R3-S4;
21.1 versions prior to 21.1R3-S3;
21.2 versions prior to 21.2R3-S1;
21.3 versions prior to 21.3R3;
21.4 versions prior to 21.4R3;
22.1 versions prior to 22.1R2.

Affected configurations

Nvd

Node

juniperjunosRange<20.2

juniperjunosMatch20.2-

juniperjunosMatch20.2r1

juniperjunosMatch20.2r1-s1

juniperjunosMatch20.2r1-s2

juniperjunosMatch20.2r1-s3

juniperjunosMatch20.2r2

juniperjunosMatch20.2r2-s1

juniperjunosMatch20.2r2-s2

juniperjunosMatch20.2r2-s3

juniperjunosMatch20.2r3

juniperjunosMatch20.2r3-s1

juniperjunosMatch20.2r3-s2

juniperjunosMatch20.2r3-s3

juniperjunosMatch20.2r3-s4

juniperjunosMatch20.2r3-s5

juniperjunosMatch20.2r3-s6

juniperjunosMatch20.4-

juniperjunosMatch20.4r1

juniperjunosMatch20.4r1-s1

juniperjunosMatch20.4r2

juniperjunosMatch20.4r2-s1

juniperjunosMatch20.4r2-s2

juniperjunosMatch20.4r3

juniperjunosMatch20.4r3-s1

juniperjunosMatch20.4r3-s2

juniperjunosMatch20.4r3-s3

juniperjunosMatch21.1-

juniperjunosMatch21.1r1

juniperjunosMatch21.1r1-s1

juniperjunosMatch21.1r2

juniperjunosMatch21.1r2-s1

juniperjunosMatch21.1r2-s2

juniperjunosMatch21.1r3

juniperjunosMatch21.1r3-s1

juniperjunosMatch21.1r3-s2

juniperjunosMatch21.2-

juniperjunosMatch21.2r1

juniperjunosMatch21.2r1-s1

juniperjunosMatch21.2r1-s2

juniperjunosMatch21.2r2

juniperjunosMatch21.2r2-s1

juniperjunosMatch21.2r2-s2

juniperjunosMatch21.2r3

juniperjunosMatch21.3-

juniperjunosMatch21.3r1

juniperjunosMatch21.3r1-s1

juniperjunosMatch21.3r1-s2

juniperjunosMatch21.3r2

juniperjunosMatch21.3r2-s1

juniperjunosMatch21.3r2-s2

juniperjunosMatch21.4-

juniperjunosMatch21.4r1

juniperjunosMatch21.4r1-s1

juniperjunosMatch21.4r1-s2

juniperjunosMatch21.4r2

juniperjunosMatch21.4r2-s1

juniperjunosMatch21.4r2-s2

juniperjunosMatch22.1r1

juniperjunosMatch22.1r1-s1

juniperjunosMatch22.1r1-s2

AND

juniperqfx10002Match-

juniperqfx10008Match-

juniperqfx10016Match-

VendorProductVersionCPE
juniperjunos*cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*
juniperjunos20.2cpe:2.3:o:juniper:junos:20.2:-:*:*:*:*:*:*
juniperjunos20.2cpe:2.3:o:juniper:junos:20.2:r1:*:*:*:*:*:*
juniperjunos20.2cpe:2.3:o:juniper:junos:20.2:r1-s1:*:*:*:*:*:*
juniperjunos20.2cpe:2.3:o:juniper:junos:20.2:r1-s2:*:*:*:*:*:*
juniperjunos20.2cpe:2.3:o:juniper:junos:20.2:r1-s3:*:*:*:*:*:*
juniperjunos20.2cpe:2.3:o:juniper:junos:20.2:r2:*:*:*:*:*:*
juniperjunos20.2cpe:2.3:o:juniper:junos:20.2:r2-s1:*:*:*:*:*:*
juniperjunos20.2cpe:2.3:o:juniper:junos:20.2:r2-s2:*:*:*:*:*:*
juniperjunos20.2cpe:2.3:o:juniper:junos:20.2:r2-s3:*:*:*:*:*:*

Vendor	Product	Version	CPE
juniper	junos	*	cpe:2.3:o:juniper:junos::::::::
juniper	junos	20.2	cpe:2.3:o:juniper:junos:20.2:-::::::
juniper	junos	20.2	cpe:2.3:o:juniper:junos:20.2:r1::::::
juniper	junos	20.2	cpe:2.3:o:juniper:junos:20.2:r1-s1::::::
juniper	junos	20.2	cpe:2.3:o:juniper:junos:20.2:r1-s2::::::
juniper	junos	20.2	cpe:2.3:o:juniper:junos:20.2:r1-s3::::::
juniper	junos	20.2	cpe:2.3:o:juniper:junos:20.2:r2::::::
juniper	junos	20.2	cpe:2.3:o:juniper:junos:20.2:r2-s1::::::
juniper	junos	20.2	cpe:2.3:o:juniper:junos:20.2:r2-s2::::::
juniper	junos	20.2	cpe:2.3:o:juniper:junos:20.2:r2-s3::::::

Rows per page:

1-10 of 641

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "QFX10K Series"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "20.2R3-S7",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "20.4R3-S4",
        "status": "affected",
        "version": "20.4",
        "versionType": "custom"
      },
      {
        "lessThan": "21.1R3-S3",
        "status": "affected",
        "version": "21.1",
        "versionType": "custom"
      },
      {
        "lessThan": "21.2R3-S1",
        "status": "affected",
        "version": "21.2",
        "versionType": "custom"
      },
      {
        "lessThan": "21.3R3",
        "status": "affected",
        "version": "21.3",
        "versionType": "custom"
      },
      {
        "lessThan": "21.4R3",
        "status": "affected",
        "version": "21.4",
        "versionType": "custom"
      },
      {
        "lessThan": "22.1R2",
        "status": "affected",
        "version": "22.1",
        "versionType": "custom"
      }
    ]
  }
]

References

kb.juniper.net/JSA70199

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

40.4%

JSON

Related for CVE-2023-22403