CVE-2026-57023
Gravedad CVSS v4.0:
ALTA
Tipo:
No Disponible / Otro tipo
Fecha de publicación:
09/07/2026
Última modificación:
09/07/2026
Descripción
*** Pendiente de traducción *** An Improper Validation of Specified Quantity in Input vulnerability in the TCP proxy plugin of Juniper Networks Junos OS on MX Series with SPC3, and SRX Series allows an unauthenticated, network-based attacker to cause a complete Denial of Service (DoS).<br />
<br />
When TCP proxy is engaged in a flow session, to support ALGs, Advanced Anti-Malware, ICAP or UTM, a TCP packet with specifically malformed TCP header will cause flow processing daemon (flowd) to crash and restart. This causes a complete service outage until the system has automatically recovered.<br />
<br />
<br />
<br />
This issue affects Junos OS on MX with SPC3, and SRX Series: <br />
<br />
<br />
<br />
* 23.4 versions before 23.4R2-S7, <br />
* 24.2 versions before 24.2R2-S4, <br />
* 24.4 versions before 24.4R2-S3,<br />
* 25.2 versions before 25.2R2.<br />
<br />
<br />
<br />
<br />
This issue does not affect releases before 23.4R1.
Impacto
Puntuación base 4.0
8.70
Gravedad 4.0
ALTA
Puntuación base 3.x
7.50
Gravedad 3.x
ALTA



