CVE-2023-44183

Summary

CVE-2023-44183 is an Improper Input Validation vulnerability in the VxLAN packet forwarding engine (PFE) of Juniper Networks Junos OS on QFX5000 Series and EX4600 Series devices. This vulnerability allows an unauthenticated, adjacent attacker to cause a DMA memory leak by sending two or more genuine packets in the same VxLAN topology. The worst-case scenario could result in FPC0 going missing and interfaces being unavailable for 10 to 20 minutes. To determine if FPC0 has gone missing, the command "show chassis fpc detail" can be used. This vulnerability affects Junos OS versions 18.4R2 and later prior to 20.4R3-S8, as well as version 21.1R1 and later versions prior to the latest release. The danger posed by this vulnerability is medium severity with a CVSS base score of 6.5, potentially impacting the availability of affected devices. It is recommended to apply the necessary updates provided by Juniper Networks to remediate this issue. Note: The summary is based on information provided and does not include any additional analysis or opinions.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.