CVE-2023-44196

MEDIUM

Juniper Junos OS Evolved MPLS Packet Handling Unauthenticated Integrity Impact

Title source: llm

Description

An Improper Check for Unusual or Exceptional Conditions in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS Evolved on PTX10003 Series allows an unauthenticated adjacent attacker to cause an impact to the integrity of the system. When specific transit MPLS packets are received by the PFE, these packets are internally forwarded to the RE. This issue is a prerequisite for CVE-2023-44195. This issue affects Juniper Networks Junos OS Evolved: * All versions prior to 20.4R3-S8-EVO; * 21.1-EVO version 21.1R1-EVO and later; * 21.2-EVO versions prior to 21.2R3-S6-EVO; * 21.3-EVO version 21.3R1-EVO and later; * 21.4-EVO versions prior to 21.4R3-S3-EVO; * 22.1-EVO versions prior to 22.1R3-S4-EVO; * 22.2-EVO versions prior to 22.2R3-S3-EVO; * 22.3-EVO versions prior to 22.3R2-S2-EVO, 22.3R3-EVO; * 22.4-EVO versions prior to 22.4R2-EVO.

References (1)

Core 1

Core References

Vendor Advisory vendor-advisory

https://supportportal.juniper.net/JSA73162

Scores

CVSS v3 6.5

EPSS 0.0003

EPSS Percentile 10.6%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-754

Status published

Products (5)

juniper/junos_os_evolved 20.4 r1 (15 CPE variants)

juniper/junos_os_evolved 21.1 r1 (7 CPE variants)

juniper/junos_os_evolved 21.2 (13 CPE variants)

juniper/junos_os_evolved 21.3 r1 (10 CPE variants)

juniper/junos_os_evolved 21.4 (5 CPE variants)

Published Oct 13, 2023

Tracked Since Feb 18, 2026