Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

CVE-2026-57023

Gravedad CVSS v4.0:
ALTA
Tipo:
No Disponible / Otro tipo
Fecha de publicación:
09/07/2026
Última modificación:
09/07/2026

Descripción

*** Pendiente de traducción *** An Improper Validation of Specified Quantity in Input vulnerability in the TCP proxy plugin of Juniper Networks Junos OS on MX Series with SPC3, and SRX Series allows an unauthenticated, network-based attacker to cause a complete Denial of Service (DoS).<br /> <br /> When TCP proxy is engaged in a flow session, to support ALGs, Advanced Anti-Malware, ICAP or UTM, a TCP packet with specifically malformed TCP header will cause flow processing daemon (flowd) to crash and restart. This causes a complete service outage until the system has automatically recovered.<br /> <br /> <br /> <br /> This issue affects Junos OS on MX with SPC3, and SRX Series: <br /> <br /> <br /> <br /> * 23.4 versions before 23.4R2-S7, <br /> * 24.2 versions before 24.2R2-S4, <br /> * 24.4 versions before 24.4R2-S3,<br /> * 25.2 versions before 25.2R2.<br /> <br /> <br /> <br /> <br /> This issue does not affect releases before 23.4R1.

Referencias a soluciones, herramientas e información