PT-2023-6150 · Juniper Networks · Ex4100+6

Published: 2023-10-11 · Updated: 2023-10-19 · CVE-2023-44203

CVSS v3.1: 6.5 (Medium)

Vector: AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Juniper Networks Junos OS versions prior to 20.4R3-S5
Juniper Networks Junos OS 21.1 versions prior to 21.1R3-S4
Juniper Networks Junos OS 21.2 versions prior to 21.2R3-S3
Juniper Networks Junos OS 21.3 versions prior to 21.3R3-S5
Juniper Networks Junos OS 21.4 versions prior to 21.4R3-S2
Juniper Networks Junos OS 22.1 versions prior to 22.1R3
Juniper Networks Junos OS 22.2 versions prior to 22.2R3
Juniper Networks Junos OS 22.3 versions prior to 22.3R2

Description

An Improper Check or Handling of Exceptional Conditions issue in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS allows an adjacent attacker to send specific traffic, which leads to packet flooding, resulting in a Denial of Service (DoS). When a specific IGMP packet is received in an isolated VLAN, it is duplicated to all other ports under the primary VLAN, which causes a flood. This issue affects QFX5000 series, EX2300, EX3400, EX4100, EX4400, and EX4600 platforms.

Recommendations

For versions prior to 20.4R3-S5, update to 20.4R3-S5 or later.
For 21.1 versions prior to 21.1R3-S4, update to 21.1R3-S4 or later.
For 21.2 versions prior to 21.2R3-S3, update to 21.2R3-S3 or later.
For 21.3 versions prior to 21.3R3-S5, update to 21.3R3-S5 or later.
For 21.4 versions prior to 21.4R3-S2, update to 21.4R3-S2 or later.
For 22.1 versions prior to 22.1R3, update to 22.1R3 or later.
For 22.2 versions prior to 22.2R3, update to 22.2R3 or later.
For 22.3 versions prior to 22.3R2, update to 22.3R2 or later.

Fix

DoS

Weakness Enumeration

Related Identifiers

BDU:2023-06857
CVE-2023-44203

Affected Products

Ex2300
Ex3400
Ex4100
Ex4400
Ex4600
Junos
Qfx5000 Series