How severe is CVE-2023-44181?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.5 out of 10.

What type of vulnerability is CVE-2023-44181?

This is classified as CWE-835, which is a common weakness in software security.

CVE-2023-44181 - HIGH Severity | CVSS 7.5

Vulnerability Description

An Improperly Implemented Security Check for Standard vulnerability in storm control of Juniper Networks Junos OS QFX5k devices allows packets to be punted to ARP queue causing a l2 loop resulting in a DDOS violations and DDOS syslog. This issue is triggered when Storm control is enabled and ICMPv6 packets are present on device. This issue affects Juniper Networks: Junos OS * All versions prior to 20.2R3-S6 on QFX5k; * 20.3 versions prior to 20.3R3-S5 on QFX5k; * 20.4 versions prior to 20.4R3-S5 on QFX5k; * 21.1 versions prior to 21.1R3-S4 on QFX5k; * 21.2 versions prior to 21.2R3-S3 on QFX5k; * 21.3 versions prior to 21.3R3-S2 on QFX5k; * 21.4 versions prior to 21.4R3 on QFX5k; * 22.1 versions prior to 22.1R3 on QFX5k; * 22.2 versions prior to 22.2R2 on QFX5k.

Related Vulnerabilities

CVE-2011-1142

HIGH

CVSS:7.5(High)

Stack consumption vulnerability in the dissect_ber_choice function in the BER dissector in Wireshark 1.2.x through 1.2.15 and 1.4.x through 1.4.4 might allow remote attackers to cause a denial of serv...

CWE-8352011

CVE-2013-10005

HIGH

CVSS:7.5(High)

The RemoteAddr and LocalAddr methods on the returned net.Conn may call themselves, leading to an infinite loop which will crash the program due to a stack overflow.

CWE-8352013

CVE-2013-3722

HIGH

CVSS:7.5(High)

A Denial of Service (infinite loop) exists in OpenSIPS before 1.10 in lookup.c.

CWE-8352013

CVE-2013-7488

HIGH

CVSS:7.5(High)

perl-Convert-ASN1 (aka the Convert::ASN1 module for Perl) through 0.27 allows remote attackers to cause an infinite loop via unexpected input.

CWE-8352013

CVE-2016-4970

HIGH

CVSS:7.5(High)

handler/ssl/OpenSslEngine.java in Netty 4.0.x before 4.0.37.Final and 4.1.x before 4.1.1.Final allows remote attackers to cause a denial of service (infinite loop).

CWE-8352016

CVE-2016-5042

HIGH

CVSS:7.5(High)

The dwarf_get_aranges_list function in libdwarf before 20160923 allows remote attackers to cause a denial of service (infinite loop and crash) via a crafted DWARF section.

CWE-8352016