CVE-2023-1697

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS versions prior to 19.4R3-S10 Juniper Networks Junos OS version 20.1R1 and later versions Juniper Networks Junos OS versions prior to 20.2R3-S6 Juniper Networks Junos OS versions prior to 20.3R3-S6 Juniper Networks Junos OS versions prior to 20.4R3-S5 Juniper Networks Junos OS versions prior to 21.1R3-S4 Juniper Networks Junos OS versions prior to 21.2R3-S3 Juniper Networks Junos OS versions prior to 21.3R3-S3 Juniper Networks Junos OS versions prior to 21.4R3-S1 Juniper Networks Junos OS versions prior to 22.1R2-S1, 22.1R3 Juniper Networks Junos OS versions prior to 22.2R1-S2, 22.2R2

Description An Improper Handling of Missing Values issue in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker to cause a dcpfe process core and thereby a Denial of Service (DoS). Continued receipt of specific malformed ethernet frames will cause a sustained Denial of Service condition. This issue occurs when a specific malformed ethernet frame is received.

Recommendations As a temporary workaround, consider disabling the dcpfe process until a patch is available. Restrict access to the vulnerable Packet Forwarding Engine (PFE) module to minimize the risk of exploitation. Avoid using the QFX10000 Series and PTX1000 Series until the issue is resolved. Update to a version that contains the fix for this issue, if available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.