CVE-2023-44183

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Oct 13, 2023
Updated: Oct 20, 2023
CWE ID 401
CWE ID 20

Summary

CVE-2023-44183 is an Improper Input Validation vulnerability in the VxLAN packet forwarding engine (PFE) of Juniper Networks Junos OS on QFX5000 Series and EX4600 Series devices. This vulnerability allows an unauthenticated, adjacent attacker to cause a DMA memory leak by sending two or more genuine packets in the same VxLAN topology. The worst-case scenario could result in FPC0 going missing and interfaces being unavailable for 10 to 20 minutes. To determine if FPC0 has gone missing, the command "show chassis fpc detail" can be used. This vulnerability affects Junos OS versions 18.4R2 and later prior to 20.4R3-S8, as well as version 21.1R1 and later versions prior to the latest release. The danger posed by this vulnerability is medium severity with a CVSS base score of 6.5, potentially impacting the availability of affected devices. It is recommended to apply the necessary updates provided by Juniper Networks to remediate this issue.

Note: The summary is based on information provided and does not include any additional analysis or opinions.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-44183 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options