CVE-2023-44189 : Exploit Details and Defense Strategies
An Origin Validation vulnerability in Juniper Networks Junos OS Evolved on PTX10003 Series allows unauthorized MAC addresses to be forwarded to the downstream network, potentially leading to congestion. Learn about the impact, affected versions, and mitigation steps.
An Origin Validation vulnerability in MAC address validation of Juniper Networks Junos OS Evolved on PTX10003 Series allows a network-adjacent attacker to bypass MAC address checking, leading to the forwarding of MAC addresses not intended for the adjacent LAN. This can cause congestion and create loops in the downstream layer-2 domain connected to the device.
Understanding CVE-2023-44189
This vulnerability affects Juniper Networks Junos OS Evolved on PTX10003 Series, impacting specific versions as mentioned below.
What is CVE-2023-44189?
An Origin Validation vulnerability in MAC address validation of Juniper Networks Junos OS Evolved on PTX10003 Series allows unauthorized MAC addresses to be forwarded to the downstream network, potentially leading to congestion.
The Impact of CVE-2023-44189
This vulnerability could result in network congestion and layer-2 domain loops due to unauthorized MAC addresses bypassing validation checks.
Technical Details of CVE-2023-44189
Vulnerability Description
The vulnerability enables a network-adjacent attacker to bypass MAC address validation, causing the router to forward traffic not intended for the LAN.
Affected Systems and Versions
- Junos OS Evolved versions prior to 21.4R3-S4-EVO
- Junos OS Evolved 22.1 versions prior to 22.1R3-S3-EVO
- Junos OS Evolved 22.2 version 22.2R1-EVO and later
- Junos OS Evolved 22.3 versions prior to 22.3R2-S2-EVO, 22.3R3-S1-EVO
- Junos OS Evolved 22.4 versions prior to 22.4R2-S1-EVO, 22.4R3-EVO
- Junos OS Evolved 23.2 versions prior to 23.2R2-EVO
Exploitation Mechanism
Juniper SIRT has not detected any malicious exploitation of this vulnerability.
Mitigation and Prevention
Immediate Steps to Take
There are no known workarounds for this vulnerability. Please apply the patches mentioned below.
Long-Term Security Practices
Ensure that your Juniper Networks Junos OS Evolved is regularly updated and review network security controls.
Patching and Updates
Juniper Networks has released updated software versions to address this vulnerability. Ensure your system is running one of the following versions or later: Junos OS Evolved 21.4R3-S4-EVO, 22.1R3-S3-EVO, 22.3R2-S2-EVO, 22.3R3-S1-EVO, 22.4R2-S1-EVO, 22.4R3-EVO, 23.2R2-EVO, 23.3R1-EVO, and subsequent releases.
For more information, refer to the Juniper Networks security advisory JSA73153.