An Improper Preservation of Consistency Between Independent Representations of Shared State vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS) to device due to out of resources. When a device is configured with "service-provider/SP style" switching, and mac-limiting is configured on an Aggregated Ethernet (ae) interface, and then a PFE is restarted or the device is rebooted, mac-limiting doesn't work anymore. Please note that the issue might not be apparent as traffic will continue to flow through the device although the mac table and respective logs will indicate that mac limit is reached. Functionality can be restored by removing and re-adding the MAC limit configuration. This issue affects Juniper Networks Junos OS on QFX5k Series, EX46xx Series: All versions prior to 20.2R3-S5; 20.3 versions prior to 20.3R3-S5; 20.4 versions prior to 20.4R3-S4; 21.1 versions prior to 21.1R3-S3; 21.2 versions prior to 21.2R3-S1; 21.3 versions prior to 21.3R3 on; 21.4 versions prior to 21.4R3 on; 22.1 versions prior to 22.1R2 on.
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HJuniper Ex4600
HWJuniperwszystkie wersjeJuniper Ex4600 Vc
HWJuniperwszystkie wersjeJuniper Ex4650
HWJuniperwszystkie wersjeJuniper Junos
OSJuniper20.220.320.421.121.221.321.422.1< 20.2Juniper Qfx5100
HWJuniperwszystkie wersjeJuniper Qfx5100 96s
HWJuniperwszystkie wersjeJuniper Qfx5110
HWJuniperwszystkie wersjeJuniper Qfx5120
HWJuniperwszystkie wersjeJuniper Qfx5130
HWJuniperwszystkie wersjeJuniper Qfx5200
HWJuniperwszystkie wersjeJuniper Qfx5200 32c
HWJuniperwszystkie wersjeJuniper Qfx5200 48y
HWJuniperwszystkie wersjeJuniper Qfx5210
HWJuniperwszystkie wersjeJuniper Qfx5210 64c
HWJuniperwszystkie wersjeJuniper Qfx5220
HWJuniperwszystkie wersje
Related vulnerabilities
A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series and SR...
Out-of-bounds Write w J-Web Juniper Junos OS — RCE z uprawnieniami root
This issue is not applicable to NFX NextGen Software. On NFX Series devices the use of Hard-coded Credentials ...
A buffer size validation vulnerability in the overlayd service of Juniper Networks Junos OS may allow an unaut...
An improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS Evolved Rout...