CVE-2023-44181

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Oct 13, 2023
Updated: Oct 20, 2023
CWE ID 835

Summary

CVE-2023-44181 is a vulnerability affecting Juniper Networks Junos OS QFX5k devices, specifically in their storm control feature. The flaw, which is an improperly implemented security check, allows for ICMPv6 packets to be misdirected to the ARP queue, resulting in a layer 2 loop and potential DDoS attacks. This issue arises when Storm control is enabled and affects multiple Junos OS versions on QFX5k devices, including those prior to 20.2R3-S6, 20.3R3-S5, 20.4R3-S5, 21.1R3-S4, 21.2R3-S3, 21.3R3-S2, 21.4R3, 22.1R3, and 22.2R2.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share