QID 44114

QID 44114: Juniper Network Operating System (Junos OS) MAC Address Validation Bypass Vulnerability (JSA73154)

Juniper Junos is the network operating system used in Juniper Networks hardware systems.

An Origin Validation vulnerability in MAC address validation of Juniper Networks Junos OS Evolved on PTX10001, PTX10004, PTX10008, and PTX10016 devices allows a network-adjacent attacker to bypass MAC address checking, allowing MAC addresses not intended to reach the adjacent LAN to be forwarded to the downstream network.

This issue affects Juniper Networks Junos OS Evolved on PTX10001, PTX10004, PTX10008, and PTX10016: all versions prior to 21.4R3-S5-EVO; 22.1 versions prior to 22.1R3-S4-EVO; 22.2 versions 22.2R1-EVO and later; 22.3 versions prior to 22.3R2-S2-EVO, 22.3R3-S1-EVO; 22.4 versions prior to 22.4R2-S1-EVO, 22.4R3-EVO; 23.2 versions prior to 23.2R1-S1-EVO, 23.2R2-EVO.

Successful exploitation of this vulnerability may enable the router to start forwarding traffic if a valid route is present in forwarding-table, causing a loop and congestion in the downstream layer-2 domain connected to the device.

  • CVSS V3 rated as Medium - 5.4 severity.
  • CVSS V2 rated as Medium - 4.8 severity.
    • Solution
    Vendor has released patch addressing the vulnerabilities, for more information please refer JSA73154

    Vendor References

    CVEs related to QID 44114

    CVE-2023-44190 |
    Software Advisories
    Advisory ID Software Component Link
    JSA73154 URL Logo supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-Evolved-PTX10001-PTX10004-PTX10008-PTX10016-MAC-address-validation-bypass-vulnerability-CVE-2023-44190?language=en_US
    By selecting these links, you may be leaving CVEreport webspace. We have provided these links to other websites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other websites that are more appropriate for your purpose. CVEreport does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, CVEreport does not endorse any commercial products that may be mentioned on these sites. Please address comments about any linked pages to [email protected].