CVE-2023-44195

Name: CVE-2023-44195
Creator: NVD / NIST
Published: 2023-10-13T00:15:12.53+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

MEDIUMCVSS 5.3/10EPSS 0.40%

Last modified Jun 17, 2026

CVE-2023-44195 is a medium-severity vulnerability rated 5.3/10 on the CVSS scale. An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in the NetworkStack agent daemon (nsagentd) of Juniper Networks Junos OS Evolved allows an unauthenticated network based attacker to cause limited impact to the availability of the system. If specific packets reach the Routing-Engine (RE) these will be processed normally even if firewall filters are in place which should have prevented this. This can lead to a limited, increased consumption of resources resulting in a Denial-of-Service (DoS), and unauthorized access. CVE-2023-44196 is a prerequisite for this issue. This issue affects Juniper Networks Junos OS Evolved: * 21.3-EVO versions prior to 21.3R3-S5-EVO; * 21.4-EVO versions prior to 21.4R3-S4-EVO; * 22.1-EVO version 22.1R1-EVO and later; * 22.2-EVO version 22.2R1-EVO and later; * 22.3-EVO versions prior to 22.3R2-S2-EVO, 22.3R3-S1-EVO; * 22.4-EVO versions prior to 22.4R3-EVO. This issue doesn't not affected Junos OS Evolved versions prior to 21.3R1-EVO. . EPSS estimates a 0.40% chance of exploitation in the next 30 days.

Description

An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in the NetworkStack agent daemon (nsagentd) of Juniper Networks Junos OS Evolved allows an unauthenticated network based attacker to cause limited impact to the availability of the system. If specific packets reach the Routing-Engine (RE) these will be processed normally even if firewall filters are in place which should have prevented this. This can lead to a limited, increased consumption of resources resulting in a Denial-of-Service (DoS), and unauthorized access. CVE-2023-44196 is a prerequisite for this issue. This issue affects Juniper Networks Junos OS Evolved: * 21.3-EVO versions prior to 21.3R3-S5-EVO; * 21.4-EVO versions prior to 21.4R3-S4-EVO; * 22.1-EVO version 22.1R1-EVO and later; * 22.2-EVO version 22.2R1-EVO and later; * 22.3-EVO versions prior to 22.3R2-S2-EVO, 22.3R3-S1-EVO; * 22.4-EVO versions prior to 22.4R3-EVO. This issue doesn't not affected Junos OS Evolved versions prior to 21.3R1-EVO.

Metrics

CVSS 3.1

5.3/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

EPSS Probability

0.40%

31.5th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-923

Affected Software

Vendor	Product	Versions	Update
Juniper	Junos Os Evolved	21.4	—
Juniper	Junos Os Evolved	22.1	—
Juniper	Junos Os Evolved	22.2	—
Juniper	Junos Os Evolved	22.3	—
Juniper	Junos Os Evolved	22.4	—
Juniper	Junos Os Evolved	23.1	R1
Juniper	Junos Os Evolved	23.2	R1-S1

References

https://supportportal.juniper.net/JSA73160Vendor Advisory
https://supportportal.juniper.net/JSA73160Vendor Advisory

Timeline

Published: Oct 13, 2023
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2023-44195?

How severe is CVE-2023-44195?

CVE-2023-44195 has a CVSS score of 5.3/10 (MEDIUM severity). The EPSS model estimates a 0.40% probability of exploitation in the next 30 days.

How do I fix CVE-2023-44195?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2023-44195?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST