Strix
26.1K

CVE-2023-44189

MEDIUMCVSS 5.4/10EPSS 0.18%

Last modified

CVE-2023-44189 is a medium-severity vulnerability rated 5.4/10 on the CVSS scale. An Origin Validation vulnerability in MAC address validation of Juniper Networks Junos OS Evolved on PTX10003 Series allows a network-adjacent attacker to bypass MAC address checking, allowing MAC addresses not intended to reach the adjacent LAN to be forwarded to the downstream network. Due to this issue, the router will start forwarding traffic if a valid route is present in forwarding-table, causing a loop and congestion in the downstream layer-2 domain connected to the device. This issue affects Juniper Networks Junos OS Evolved on PTX10003 Series: * All versions prior to 21.4R3-S4-EVO; * 22.1 versions prior to 22.1R3-S3-EVO; * 22.2 version 22.2R1-EVO and later versions; * 22.3 versions prior to 22.3R2-S2-EVO, 22.3R3-S1-EVO; * 22.4 versions prior to 22.4R2-S1-EVO, 22.4R3-EVO; * 23.2 versions prior to 23.2R2-EVO. . EPSS estimates a 0.18% chance of exploitation in the next 30 days.

Description

An Origin Validation vulnerability in MAC address validation of Juniper Networks Junos OS Evolved on PTX10003 Series allows a network-adjacent attacker to bypass MAC address checking, allowing MAC addresses not intended to reach the adjacent LAN to be forwarded to the downstream network. Due to this issue, the router will start forwarding traffic if a valid route is present in forwarding-table, causing a loop and congestion in the downstream layer-2 domain connected to the device. This issue affects Juniper Networks Junos OS Evolved on PTX10003 Series: * All versions prior to 21.4R3-S4-EVO; * 22.1 versions prior to 22.1R3-S3-EVO; * 22.2 version 22.2R1-EVO and later versions; * 22.3 versions prior to 22.3R2-S2-EVO, 22.3R3-S1-EVO; * 22.4 versions prior to 22.4R2-S1-EVO, 22.4R3-EVO; * 23.2 versions prior to 23.2R2-EVO.

Metrics

CVSS 3.1
5.4/10

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

EPSS Probability
0.18%

7.8th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersionsUpdate
JuniperJunos Os Evolved< 21.4
JuniperJunos Os Evolved21.4
JuniperJunos Os Evolved22.1R1
JuniperJunos Os Evolved22.2R1
JuniperJunos Os Evolved22.3R1
JuniperJunos Os Evolved22.4R1
JuniperJunos Os Evolved23.2R1

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2023-44189?
An Origin Validation vulnerability in MAC address validation of Juniper Networks Junos OS Evolved on PTX10003 Series allows a network-adjacent attacker to bypass MAC address checking, allowing MAC addresses not intended to reach the adjacent LAN to be forwarded to the downstream network. Due to this issue, the router will start forwarding traffic if a valid route is present in forwarding-table, causing a loop and congestion in the downstream layer-2 domain connected to the device. This issue affects Juniper Networks Junos OS Evolved on PTX10003 Series: * All versions prior to 21.4R3-S4-EVO; * 22.1 versions prior to 22.1R3-S3-EVO; * 22.2 version 22.2R1-EVO and later versions; * 22.3 versions prior to 22.3R2-S2-EVO, 22.3R3-S1-EVO; * 22.4 versions prior to 22.4R2-S1-EVO, 22.4R3-EVO; * 23.2 versions prior to 23.2R2-EVO.
How severe is CVE-2023-44189?
CVE-2023-44189 has a CVSS score of 5.4/10 (MEDIUM severity). The EPSS model estimates a 0.18% probability of exploitation in the next 30 days.
How do I fix CVE-2023-44189?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2023-44189?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST