CVE-2023-44191

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS versions prior to 21.1R3-S5 Juniper Networks Junos OS versions prior to 21.2R3-S5 Juniper Networks Junos OS versions prior to 21.3R3-S5 Juniper Networks Junos OS versions prior to 21.4R3-S4 Juniper Networks Junos OS versions prior to 22.1R3-S3 Juniper Networks Junos OS versions prior to 22.2R3-S1 Juniper Networks Junos OS versions prior to 22.3R2-S2, 22.3R3 Juniper Networks Junos OS versions prior to 22.4R2

Description An Allocation of Resources Without Limits or Throttling issue in Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial of Service (DoS). On all Junos OS QFX5000 Series and EX4000 Series platforms, when a high number of VLANs are configured, a specific DHCP packet will cause PFE hogging, leading to dropping of socket connections.

Recommendations For versions prior to 21.1R3-S5, update to 21.1R3-S5 or later. For versions prior to 21.2R3-S5, update to 21.2R3-S5 or later. For versions prior to 21.3R3-S5, update to 21.3R3-S5 or later. For versions prior to 21.4R3-S4, update to 21.4R3-S4 or later. For versions prior to 22.1R3-S3, update to 22.1R3-S3 or later. For versions prior to 22.2R3-S1, update to 22.2R3-S1 or later. For versions prior to 22.3R2-S2, 22.3R3, update to 22.3R2-S2, 22.3R3 or later. For versions prior to 22.4R2, update to 22.4R2 or later.