{"vulnerability": "cve-2022-2218", "sightings": [{"uuid": "33487c35-9f24-4a62-ab9f-0d889779d787", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22184", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11632", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-22184\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\ud83d\udd39 Description: An Improper Input Validation vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker to cause a Denial of Service (DoS). If a BGP update message is received over an established BGP session, and that message contains a specific, optional transitive attribute, this session will be torn down with an update message error. This issue cannot propagate beyond an affected system as the processing error occurs as soon as the update is received. This issue is exploitable remotely as the respective attribute will propagate through unaffected systems and intermediate AS (if any). Continuous receipt of a BGP update containing this attribute will create a sustained Denial of Service (DoS) condition. Since this issue only affects 22.3R1, Juniper strongly encourages customers to move to 22.3R1-S1. Juniper SIRT felt that the need to promptly warn customers about this issue affecting the 22.3R1 versions of Junos OS and Junos OS Evolved warranted an Out of Cycle JSA. This issue affects: Juniper Networks Junos OS version 22.3R1. Juniper Networks Junos OS Evolved version 22.3R1-EVO. This issue does not affect: Juniper Networks Junos OS versions prior to 22.3R1. Juniper Networks Junos OS Evolved versions prior to 22.3R1-EVO.\n\ud83d\udccf Published: 2022-12-23T23:03:51.372Z\n\ud83d\udccf Modified: 2025-04-14T14:28:03.238Z\n\ud83d\udd17 References:\n1. https://kb.juniper.net/JSA70175", "creation_timestamp": "2025-04-14T14:54:05.000000Z"}, {"uuid": "faa48f2a-be76-48f7-947c-190e12d722ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2218", "type": "seen", "source": "https://t.me/cibsecurity/45181", "content": "\u203c CVE-2022-2218 \u203c\n\nCross-site Scripting (XSS) - Stored in GitHub repository ionicabizau/parse-url prior to 7.0.0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-27T16:34:41.000000Z"}, {"uuid": "c13023b9-c1b2-4c74-a8de-332e59f579c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22187", "type": "seen", "source": "https://t.me/cibsecurity/40801", "content": "\u203c CVE-2022-22187 \u203c\n\nAn Improper Privilege Management vulnerability in the Windows Installer framework used in the Juniper Networks Juniper Identity Management Service (JIMS) allows an unprivileged user to trigger a repair operation. Running a repair operation, in turn, will trigger a number of file operations in the %TEMP% folder of the user triggering the repair. Some of these operations will be performed from a SYSTEM context (started via the Windows Installer service), including the execution of temporary files. An attacker may be able to provide malicious binaries to the Windows Installer, which will be executed with high privilege, leading to a local privilege escalation. This issue affects Juniper Networks Juniper Identity Management Service (JIMS) versions prior to 1.4.0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-14T20:19:30.000000Z"}, {"uuid": "43f23b53-2fda-4b6d-83cd-9cca2520f88f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22186", "type": "seen", "source": "https://t.me/cibsecurity/40800", "content": "\u203c CVE-2022-22186 \u203c\n\nDue to an Improper Initialization vulnerability in Juniper Networks Junos OS on EX4650 devices, packets received on the management interface (em0) but not destined to the device, may be improperly forwarded to an egress interface, instead of being discarded. Such traffic being sent by a client may appear genuine, but is non-standard in nature and should be considered as potentially malicious. This issue affects: Juniper Networks Junos OS on EX4650 Series: All versions prior to 19.1R3-S8; 19.2 versions prior to 19.2R3-S5; 19.3 versions prior to 19.3R3-S5; 19.4 versions prior to 19.4R3-S7; 20.1 versions prior to 20.1R3-S3; 20.2 versions prior to 20.2R3-S4; 20.3 versions prior to 20.3R3-S3; 20.4 versions prior to 20.4R3-S2; 21.1 versions prior to 21.1R3-S1; 21.2 versions prior to 21.2R3; 21.3 versions prior to 21.3R2; 21.4 versions prior to 21.4R2; 22.1 versions prior to 22.1R1.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-14T20:19:29.000000Z"}, {"uuid": "b4d1e258-5822-46e8-a7ac-751e9369558e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22188", "type": "seen", "source": "https://t.me/cibsecurity/40792", "content": "\u203c CVE-2022-22188 \u203c\n\nAn Uncontrolled Memory Allocation vulnerability leading to a Heap-based Buffer Overflow in the packet forwarding engine (PFE) of Juniper Networks Junos OS allows a network-based unauthenticated attacker to flood the device with traffic leading to a Denial of Service (DoS). The device must be configured with storm control profiling limiting the number of unknown broadcast, multicast, or unicast traffic to be vulnerable to this issue. This issue affects: Juniper Networks Junos OS on QFX5100/QFX5110/QFX5120/QFX5200/QFX5210/EX4600/EX4650 Series; 20.2 version 20.2R1 and later versions prior to 20.2R2. This issue does not affect: Juniper Networks Junos OS versions prior to 20.2R1.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-14T20:19:19.000000Z"}, {"uuid": "8fee1d6c-b9e0-443a-860e-7ecc3bc971a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22181", "type": "seen", "source": "https://t.me/cibsecurity/40785", "content": "\u203c CVE-2022-22181 \u203c\n\nA reflected Cross-site Scripting (XSS) vulnerability in J-Web of Juniper Networks Junos OS allows a network-based authenticated attacker to run malicious scripts reflected off J-Web to the victim's browser in the context of their session within J-Web. This may allow the attacker to gain control of the device or attack other authenticated user sessions. This issue affects: Juniper Networks Junos OS All versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R3-S9; 19.1 versions prior to 19.1R3-S6; 19.2 versions prior to 19.2R3-S3; 19.3 versions prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R3-S5; 20.1 versions prior to 20.1R3-S4; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-14T20:19:10.000000Z"}, {"uuid": "3450fb4f-0c62-4a92-ad7d-33ec723859e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22189", "type": "seen", "source": "https://t.me/cibsecurity/40789", "content": "\u203c CVE-2022-22189 \u203c\n\nAn Incorrect Ownership Assignment vulnerability in Juniper Networks Contrail Service Orchestration (CSO) allows a locally authenticated user to have their permissions elevated without authentication thereby taking control of the local system they are currently authenticated to. This issue affects: Juniper Networks Contrail Service Orchestration 6.0.0 versions prior to 6.0.0 Patch v3 on On-premises installations. This issue does not affect Juniper Networks Contrail Service Orchestration On-premises versions prior to 6.0.0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-14T20:19:15.000000Z"}, {"uuid": "da1e17ac-1d3c-4b2d-86d9-0c6760277666", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22182", "type": "seen", "source": "https://t.me/cibsecurity/40797", "content": "\u203c CVE-2022-22182 \u203c\n\nA Cross-site Scripting (XSS) vulnerability in Juniper Networks Junos OS J-Web allows an attacker to construct a URL that when visited by another user enables the attacker to execute commands with the target's permissions, including an administrator. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S19; 15.1 versions prior to 15.1R7-S10; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R2-S10, 18.4R3-S9; 19.1 versions prior to 19.1R2-S3, 19.1R3-S6; 19.2 versions prior to 19.2R1-S8, 19.2R3-S3; 19.3 versions prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R3-S5; 20.1 versions prior to 20.1R3-S2; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R2-S2, 20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2; 21.2 versions prior to 21.2R1-S1, 21.2R2.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-14T20:19:25.000000Z"}, {"uuid": "97d5ea63-5eee-4a9e-9e1b-db800f3f7fca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22185", "type": "seen", "source": "https://t.me/cibsecurity/40788", "content": "\u203c CVE-2022-22185 \u203c\n\nA vulnerability in Juniper Networks Junos OS on SRX Series, allows a network-based unauthenticated attacker to cause a Denial of Service (DoS) by sending a specific fragmented packet to the device, resulting in a flowd process crash, which is responsible for packet forwarding. Continued receipt and processing of this specific packet will create a sustained DoS condition. This issue only affects SRX Series when 'preserve-incoming-fragment-size' feature is enabled. This issue affects Juniper Networks Junos OS on SRX Series: 18.3 versions prior to 18.3R3-S6; 18.4 versions prior to 18.4R3-S10; 19.1 versions prior to 19.1R3-S7; 19.2 versions prior to 19.2R3-S4; 19.3 versions prior to 19.3R3-S4; 19.4 versions prior to 19.4R3-S6; 20.1 versions prior to 20.1R3-S2; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2-S1, 21.1R3; 21.2 versions prior to 21.2R2. This issue does not affect Juniper Networks Junos OS prior to 17.3R1.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-14T20:19:13.000000Z"}, {"uuid": "5fa7fa5b-609f-4feb-8e0d-77ec3af1c045", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22183", "type": "seen", "source": "https://t.me/cibsecurity/40787", "content": "\u203c CVE-2022-22183 \u203c\n\nAn Improper Access Control vulnerability in Juniper Networks Junos OS Evolved allows a network-based unauthenticated attacker who is able to connect to a specific open IPv4 port, which in affected releases should otherwise be unreachable, to cause the CPU to consume all resources as more traffic is sent to the port to create a Denial of Service (DoS) condition. Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS Evolved 20.4 versions prior to 20.4R3-S2-EVO; 21.1 versions prior to 21.1R3-S1-EVO; 21.2 versions prior to 21.2R3-EVO; 21.3 versions prior to 21.3R2-EVO; 21.4 versions prior to 21.4R2-EVO. This issue does not affect Junos OS.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-14T20:19:12.000000Z"}]}