CVE-2023-44199
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
13/10/2023
Last modified:
20/10/2023
Description
<br />
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS).<br />
<br />
On Junos MX Series platforms with Precision Time Protocol (PTP) configured, a prolonged routing protocol churn can lead to an FPC crash and restart.<br />
<br />
This issue affects Juniper Networks Junos OS on MX Series:<br />
<br />
<br />
<br />
* All versions prior to 20.4R3-S4;<br />
* 21.1 version 21.1R1 and later versions;<br />
* 21.2 versions prior to 21.2R3-S2;<br />
* 21.3 versions prior to 21.3R3-S5;<br />
* 21.4 versions prior to 21.4R3;<br />
* 22.1 versions prior to 22.1R3;<br />
* 22.2 versions prior to 22.2R1-S1, 22.2R2.<br />
<br />
<br />
<br />
<br />
<br />
<br />
Impact
Base Score 3.x
7.50
Severity 3.x
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:* | 20.4 (excluding) | |
| cpe:2.3:o:juniper:junos:20.4:-:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:20.4:r2:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:20.4:r2-s1:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:20.4:r2-s2:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:20.4:r3:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:20.4:r3-s1:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:20.4:r3-s2:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:20.4:r3-s3:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:21.1:r1:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:21.1:r1-s1:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:21.1:r2:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:21.1:r2-s1:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page