#VU82110 Missing origin validation in websockets in Junos OS Evolved - CVE-2023-44189

Cybersecurity Help s.r.o.

Published: 2023-10-17

Vulnerability identifier: #VU82110

Vulnerability risk: Medium

CVSSv4.0: 1.3 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-44189

CWE-ID: N/A

Exploitation vector: Local network

Exploit availability: No

Vulnerable software:
Junos OS Evolved
Operating systems & Components / Operating system

Vendor: Juniper Networks, Inc.

Description

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to origin validation error in MAC address validation. A remote attacker on the local network can bypass MAC address checking and gain unauthorized access to network resources.

Mitigation
Install updates from vendor's website for PTX10003 series devices.

Vulnerable software versions

Junos OS Evolved: 21.4R1-EVO - 21.4R3-S3-EVO, 22.1-EVO - 22.1R3-S2-EVO, 22.3R1-EVO - 22.3R2-S1-EVO, 22.4R1-EVO - 22.4R2-EVO, 23.2R1-EVO - 23.2R1-S1-EVO

External links
https://supportportal.juniper.net/s/article/2023-10-Security-Bulletin-Junos-OS-Evolved-PTX10003-Series-MAC-address-validation-bypass-vulnerability-CVE-2023-44189

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

MAC address validation bypass in Junos OS Evolved on PTX10003 series