CVE-2023-36835
CVSS V2 None
CVSS V3 None
Description
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on QFX10000 Series allows a network based attacker to cause a Denial of Service (DoS).
If a specific valid IP packet is received and that packet needs to be routed over a VXLAN tunnel, this will result in a PFE wedge condition due to which traffic gets impacted. As this is not a crash and restart scenario, this condition will persist until the system is rebooted to recover.
This issue affects Juniper Networks Junos OS on QFX10000:
20.3 version 20.3R1 and later versions;
20.4 versions prior to 20.4R3-S5;
21.1 versions prior to 21.1R3-S5;
21.2 versions prior to 21.2R3-S5;
21.3 versions prior to 21.3R3-S4;
21.4 versions prior to 21.4R3-S1;
22.1 versions prior to 22.1R3;
22.2 versions prior to 22.2R2;
22.3 versions prior to 22.3R1-S2, 22.3R2.
Overview
- CVE ID
- CVE-2023-36835
- Assigner
- juniper
- Vulnerability Status
- PUBLISHED
- Published Version
- 2023-07-14T17:11:26.454Z
- Last Modified Date
- 2023-07-14T17:11:26.454Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://supportportal.juniper.net/JSA71642 |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-36835 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-36835 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-25 16:41:28 | Added to TrackCVE |