An Improperly Implemented Security Check for Standard vulnerability in storm control of Juniper Networks Junos OS QFX5k devices allows packets to be punted to ARP queue causing a l2 loop resulting in a DDOS violations and DDOS syslog. This issue is triggered when Storm control is enabled and ICMPv6 packets are present on device. This issue affects Juniper Networks: Junos OS * All versions prior to 20.2R3-S6 on QFX5k; * 20.3 versions prior to 20.3R3-S5 on QFX5k; * 20.4 versions prior to 20.4R3-S5 on QFX5k; * 21.1 versions prior to 21.1R3-S4 on QFX5k; * 21.2 versions prior to 21.2R3-S3 on QFX5k; * 21.3 versions prior to 21.3R3-S2 on QFX5k; * 21.4 versions prior to 21.4R3 on QFX5k; * 22.1 versions prior to 22.1R3 on QFX5k; * 22.2 versions prior to 22.2R2 on QFX5k.
History

Wed, 18 Sep 2024 15:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: juniper

Published: 2023-10-12T23:01:38.150Z

Updated: 2024-09-18T14:43:54.724Z

Reserved: 2023-09-26T19:30:17.664Z

Link: CVE-2023-44181

cve-icon Vulnrichment

Updated: 2024-08-02T19:59:51.354Z

cve-icon NVD

Status : Modified

Published: 2023-10-13T00:15:11.837

Modified: 2024-11-21T08:25:23.000

Link: CVE-2023-44181

cve-icon Redhat

No data.