cvelistv5 - CVE-2022-22188

CVE-2022-22188 (GCVE-0-2022-22188)

Vulnerability from cvelistv5 – Published: 2022-04-14 15:50 – Updated: 2024-09-16 16:57

Summary

An Uncontrolled Memory Allocation vulnerability leading to a Heap-based Buffer Overflow in the packet forwarding engine (PFE) of Juniper Networks Junos OS allows a network-based unauthenticated attacker to flood the device with traffic leading to a Denial of Service (DoS). The device must be configured with storm control profiling limiting the number of unknown broadcast, multicast, or unicast traffic to be vulnerable to this issue. This issue affects: Juniper Networks Junos OS on QFX5100/QFX5110/QFX5120/QFX5200/QFX5210/EX4600/EX4650 Series; 20.2 version 20.2R1 and later versions prior to 20.2R2. This issue does not affect: Juniper Networks Junos OS versions prior to 20.2R1.

Severity ?

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-789 - Uncontrolled Memory Allocation
CWE-122 - Heap-based Buffer Overflow

Assigner

juniper

References

URL

Tags

https://kb.juniper.net/JSA69497

x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	Juniper Networks	Junos OS	Unaffected: unspecified , < 20.2R1 (custom) Affected: 20.2R1 , < 20.2* (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T03:07:49.863Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.juniper.net/JSA69497"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "platforms": [
            "QFX5100/QFX5110/QFX5120/QFX5200/QFX5210/EX4600/EX4650 Series"
          ],
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "20.2R1",
              "status": "unaffected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "20.2R2",
                  "status": "unaffected"
                }
              ],
              "lessThan": "20.2*",
              "status": "affected",
              "version": "20.2R1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "The following is an example of the configuration required to be impacted by this issue. \nPlease refer to your documentation for specific configuration guidance:\n\n  set interfaces xe-0/0/9:1 unit 0 family ethernet-switching interface-mode trunk\n  set interfaces xe-0/0/9:1 unit 0 family ethernet-switching vlan members 100\n  set interfaces xe-0/0/9:1 unit 0 family ethernet-switching storm-control sc\n  set forwarding-options storm-control-profiles sc all\n  set forwarding-options storm-control-profiles sc action-shutdown\n  set vlans vlan100 vlan-id 100"
        }
      ],
      "datePublic": "2022-04-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An Uncontrolled Memory Allocation vulnerability leading to a Heap-based Buffer Overflow in the packet forwarding engine (PFE) of Juniper Networks Junos OS allows a network-based unauthenticated attacker to flood the device with traffic leading to a Denial of Service (DoS). The device must be configured with storm control profiling limiting the number of unknown broadcast, multicast, or unicast traffic to be vulnerable to this issue. This issue affects: Juniper Networks Junos OS on QFX5100/QFX5110/QFX5120/QFX5200/QFX5210/EX4600/EX4650 Series; 20.2 version 20.2R1 and later versions prior to 20.2R2. This issue does not affect: Juniper Networks Junos OS versions prior to 20.2R1."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-789",
              "description": "CWE-789 Uncontrolled Memory Allocation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-122",
              "description": "CWE-122 Heap-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-04-14T15:50:47",
        "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
        "shortName": "juniper"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.juniper.net/JSA69497"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "The following software releases have been updated to resolve this specific issue: 20.2R2, 20.3R1, and all subsequent releases."
        }
      ],
      "source": {
        "advisory": "JSA69497",
        "defect": [
          "1525821"
        ],
        "discovery": "INTERNAL"
      },
      "title": "Junos OS: QFX5100/QFX5110/QFX5120/QFX5200/QFX5210/EX4600/EX4650 Series: When storm control profiling is enabled and a device is under an active storm, a Heap-based Buffer Overflow in the PFE will cause a device to hang.",
      "workarounds": [
        {
          "lang": "en",
          "value": "There are no viable workarounds for this issue."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "sirt@juniper.net",
          "DATE_PUBLIC": "2022-04-13T16:00:00.000Z",
          "ID": "CVE-2022-22188",
          "STATE": "PUBLIC",
          "TITLE": "Junos OS: QFX5100/QFX5110/QFX5120/QFX5200/QFX5210/EX4600/EX4650 Series: When storm control profiling is enabled and a device is under an active storm, a Heap-based Buffer Overflow in the PFE will cause a device to hang."
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Junos OS",
                      "version": {
                        "version_data": [
                          {
                            "platform": "QFX5100/QFX5110/QFX5120/QFX5200/QFX5210/EX4600/EX4650 Series",
                            "version_affected": "!\u003c",
                            "version_value": "20.2R1"
                          },
                          {
                            "platform": "QFX5100/QFX5110/QFX5120/QFX5200/QFX5210/EX4600/EX4650 Series",
                            "version_affected": "\u003e=",
                            "version_name": "20.2",
                            "version_value": "20.2R1"
                          },
                          {
                            "platform": "QFX5100/QFX5110/QFX5120/QFX5200/QFX5210/EX4600/EX4650 Series",
                            "version_affected": "\u003c",
                            "version_name": "20.2",
                            "version_value": "20.2R2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Juniper Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "The following is an example of the configuration required to be impacted by this issue. \nPlease refer to your documentation for specific configuration guidance:\n\n  set interfaces xe-0/0/9:1 unit 0 family ethernet-switching interface-mode trunk\n  set interfaces xe-0/0/9:1 unit 0 family ethernet-switching vlan members 100\n  set interfaces xe-0/0/9:1 unit 0 family ethernet-switching storm-control sc\n  set forwarding-options storm-control-profiles sc all\n  set forwarding-options storm-control-profiles sc action-shutdown\n  set vlans vlan100 vlan-id 100"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An Uncontrolled Memory Allocation vulnerability leading to a Heap-based Buffer Overflow in the packet forwarding engine (PFE) of Juniper Networks Junos OS allows a network-based unauthenticated attacker to flood the device with traffic leading to a Denial of Service (DoS). The device must be configured with storm control profiling limiting the number of unknown broadcast, multicast, or unicast traffic to be vulnerable to this issue. This issue affects: Juniper Networks Junos OS on QFX5100/QFX5110/QFX5120/QFX5200/QFX5210/EX4600/EX4650 Series; 20.2 version 20.2R1 and later versions prior to 20.2R2. This issue does not affect: Juniper Networks Junos OS versions prior to 20.2R1."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-789 Uncontrolled Memory Allocation"
                }
              ]
            },
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-122 Heap-based Buffer Overflow"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.juniper.net/JSA69497",
              "refsource": "CONFIRM",
              "url": "https://kb.juniper.net/JSA69497"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "The following software releases have been updated to resolve this specific issue: 20.2R2, 20.3R1, and all subsequent releases."
          }
        ],
        "source": {
          "advisory": "JSA69497",
          "defect": [
            "1525821"
          ],
          "discovery": "INTERNAL"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "There are no viable workarounds for this issue."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
    "assignerShortName": "juniper",
    "cveId": "CVE-2022-22188",
    "datePublished": "2022-04-14T15:50:47.811194Z",
    "dateReserved": "2021-12-21T00:00:00",
    "dateUpdated": "2024-09-16T16:57:36.592Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.2:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"CD07B7E2-F5C2-4610-9133-FDA9E66DFF4F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.2:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"D3C23AEB-34DE-44FB-8D64-E69D6E8B7401\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.2:r1-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"18DB9401-5A51-4BB3-AC2F-58F58F1C788C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.2:r1-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"06F53DA5-59AE-403C-9B1E-41CE267D8BB1\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D1BB20B5-EA30-4E8E-9055-2E629648436A\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:ex4650:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2B425BB1-3C78-42B1-A6C1-216E514191F0\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:qfx5100:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E974B4BC-64C5-4BB6-AF31-D46AF3763416\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:qfx5110:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"79A8847B-4F98-4949-8639-5CD2B411D10F\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:qfx5120:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"09EBDE4B-764F-4DF1-844A-BB8A52CD53EF\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:qfx5200:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EDC5478F-A047-4F6D-BB11-0077A74C0174\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:juniper:qfx5210:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D877320D-1997-4B66-B11B-864020C755E1\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"An Uncontrolled Memory Allocation vulnerability leading to a Heap-based Buffer Overflow in the packet forwarding engine (PFE) of Juniper Networks Junos OS allows a network-based unauthenticated attacker to flood the device with traffic leading to a Denial of Service (DoS). The device must be configured with storm control profiling limiting the number of unknown broadcast, multicast, or unicast traffic to be vulnerable to this issue. This issue affects: Juniper Networks Junos OS on QFX5100/QFX5110/QFX5120/QFX5200/QFX5210/EX4600/EX4650 Series; 20.2 version 20.2R1 and later versions prior to 20.2R2. This issue does not affect: Juniper Networks Junos OS versions prior to 20.2R1.\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad de Asignaci\\u00f3n de Memoria no Controlada conllevando a un desbordamiento del b\\u00fafer en la regi\\u00f3n Heap de la memoria en el motor de reenv\\u00edo de paquetes (PFE) de Juniper Networks Junos OS permite a un atacante no autenticado basado en la red inundar el dispositivo con tr\\u00e1fico, conllevando a una Denegaci\\u00f3n de Servicio (DoS). El dispositivo debe estar configurado con un perfil de control de tormentas que limite el n\\u00famero de tr\\u00e1fico de difusi\\u00f3n, multidifusi\\u00f3n o unidifusi\\u00f3n desconocido para ser vulnerable a este problema. Este problema afecta a: Juniper Networks Junos OS en las series QFX5100/QFX5110/QFX5120/QFX5200/QFX5210/EX4600/EX4650; versi\\u00f3n 20.2 20.2R1 y versiones posteriores anteriores a 20.2R2. Este problema no afecta a: Juniper Networks Junos OS versiones anteriores a 20.2R1\"}]",
      "id": "CVE-2022-22188",
      "lastModified": "2024-11-21T06:46:21.140",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"sirt@juniper.net\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:N/I:N/A:P\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2022-04-14T16:15:08.103",
      "references": "[{\"url\": \"https://kb.juniper.net/JSA69497\", \"source\": \"sirt@juniper.net\", \"tags\": [\"Exploit\", \"Vendor Advisory\"]}, {\"url\": \"https://kb.juniper.net/JSA69497\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "sirt@juniper.net",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"sirt@juniper.net\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-122\"}, {\"lang\": \"en\", \"value\": \"CWE-789\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-22188\",\"sourceIdentifier\":\"sirt@juniper.net\",\"published\":\"2022-04-14T16:15:08.103\",\"lastModified\":\"2024-11-21T06:46:21.140\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An Uncontrolled Memory Allocation vulnerability leading to a Heap-based Buffer Overflow in the packet forwarding engine (PFE) of Juniper Networks Junos OS allows a network-based unauthenticated attacker to flood the device with traffic leading to a Denial of Service (DoS). The device must be configured with storm control profiling limiting the number of unknown broadcast, multicast, or unicast traffic to be vulnerable to this issue. This issue affects: Juniper Networks Junos OS on QFX5100/QFX5110/QFX5120/QFX5200/QFX5210/EX4600/EX4650 Series; 20.2 version 20.2R1 and later versions prior to 20.2R2. This issue does not affect: Juniper Networks Junos OS versions prior to 20.2R1.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de Asignaci\u00f3n de Memoria no Controlada conllevando a un desbordamiento del b\u00fafer en la regi\u00f3n Heap de la memoria en el motor de reenv\u00edo de paquetes (PFE) de Juniper Networks Junos OS permite a un atacante no autenticado basado en la red inundar el dispositivo con tr\u00e1fico, conllevando a una Denegaci\u00f3n de Servicio (DoS). El dispositivo debe estar configurado con un perfil de control de tormentas que limite el n\u00famero de tr\u00e1fico de difusi\u00f3n, multidifusi\u00f3n o unidifusi\u00f3n desconocido para ser vulnerable a este problema. Este problema afecta a: Juniper Networks Junos OS en las series QFX5100/QFX5110/QFX5120/QFX5200/QFX5210/EX4600/EX4650; versi\u00f3n 20.2 20.2R1 y versiones posteriores anteriores a 20.2R2. Este problema no afecta a: Juniper Networks Junos OS versiones anteriores a 20.2R1\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:N/A:P\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-122\"},{\"lang\":\"en\",\"value\":\"CWE-789\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD07B7E2-F5C2-4610-9133-FDA9E66DFF4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.2:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3C23AEB-34DE-44FB-8D64-E69D6E8B7401\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.2:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"18DB9401-5A51-4BB3-AC2F-58F58F1C788C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.2:r1-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"06F53DA5-59AE-403C-9B1E-41CE267D8BB1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1BB20B5-EA30-4E8E-9055-2E629648436A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:ex4650:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B425BB1-3C78-42B1-A6C1-216E514191F0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:qfx5100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E974B4BC-64C5-4BB6-AF31-D46AF3763416\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:qfx5110:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"79A8847B-4F98-4949-8639-5CD2B411D10F\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:qfx5120:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09EBDE4B-764F-4DF1-844A-BB8A52CD53EF\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:qfx5200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EDC5478F-A047-4F6D-BB11-0077A74C0174\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:juniper:qfx5210:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D877320D-1997-4B66-B11B-864020C755E1\"}]}]}],\"references\":[{\"url\":\"https://kb.juniper.net/JSA69497\",\"source\":\"sirt@juniper.net\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"https://kb.juniper.net/JSA69497\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]}]}}"
  }
}

FKIE_CVE-2022-22188

Vulnerability from fkie_nvd - Published: 2022-04-14 16:15 - Updated: 2024-11-21 06:46

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

	URL	Tags
	sirt@juniper.net	https://kb.juniper.net/JSA69497	Exploit, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://kb.juniper.net/JSA69497	Exploit, Vendor Advisory

Impacted products

Vendor	Product	Version
juniper	junos	20.2
juniper	junos	20.2
juniper	junos	20.2
juniper	junos	20.2
juniper	ex4600	-
juniper	ex4650	-
juniper	qfx5100	-
juniper	qfx5110	-
juniper	qfx5120	-
juniper	qfx5200	-
juniper	qfx5210	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.2:r1:*:*:*:*:*:*",
              "matchCriteriaId": "CD07B7E2-F5C2-4610-9133-FDA9E66DFF4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "D3C23AEB-34DE-44FB-8D64-E69D6E8B7401",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s2:*:*:*:*:*:*",
              "matchCriteriaId": "18DB9401-5A51-4BB3-AC2F-58F58F1C788C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s3:*:*:*:*:*:*",
              "matchCriteriaId": "06F53DA5-59AE-403C-9B1E-41CE267D8BB1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1BB20B5-EA30-4E8E-9055-2E629648436A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:ex4650:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B425BB1-3C78-42B1-A6C1-216E514191F0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:qfx5100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E974B4BC-64C5-4BB6-AF31-D46AF3763416",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:qfx5110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "79A8847B-4F98-4949-8639-5CD2B411D10F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:qfx5120:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "09EBDE4B-764F-4DF1-844A-BB8A52CD53EF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:qfx5200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDC5478F-A047-4F6D-BB11-0077A74C0174",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:qfx5210:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D877320D-1997-4B66-B11B-864020C755E1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An Uncontrolled Memory Allocation vulnerability leading to a Heap-based Buffer Overflow in the packet forwarding engine (PFE) of Juniper Networks Junos OS allows a network-based unauthenticated attacker to flood the device with traffic leading to a Denial of Service (DoS). The device must be configured with storm control profiling limiting the number of unknown broadcast, multicast, or unicast traffic to be vulnerable to this issue. This issue affects: Juniper Networks Junos OS on QFX5100/QFX5110/QFX5120/QFX5200/QFX5210/EX4600/EX4650 Series; 20.2 version 20.2R1 and later versions prior to 20.2R2. This issue does not affect: Juniper Networks Junos OS versions prior to 20.2R1."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de Asignaci\u00f3n de Memoria no Controlada conllevando a un desbordamiento del b\u00fafer en la regi\u00f3n Heap de la memoria en el motor de reenv\u00edo de paquetes (PFE) de Juniper Networks Junos OS permite a un atacante no autenticado basado en la red inundar el dispositivo con tr\u00e1fico, conllevando a una Denegaci\u00f3n de Servicio (DoS). El dispositivo debe estar configurado con un perfil de control de tormentas que limite el n\u00famero de tr\u00e1fico de difusi\u00f3n, multidifusi\u00f3n o unidifusi\u00f3n desconocido para ser vulnerable a este problema. Este problema afecta a: Juniper Networks Junos OS en las series QFX5100/QFX5110/QFX5120/QFX5200/QFX5210/EX4600/EX4650; versi\u00f3n 20.2 20.2R1 y versiones posteriores anteriores a 20.2R2. Este problema no afecta a: Juniper Networks Junos OS versiones anteriores a 20.2R1"
    }
  ],
  "id": "CVE-2022-22188",
  "lastModified": "2024-11-21T06:46:21.140",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "sirt@juniper.net",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-04-14T16:15:08.103",
  "references": [
    {
      "source": "sirt@juniper.net",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "https://kb.juniper.net/JSA69497"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "https://kb.juniper.net/JSA69497"
    }
  ],
  "sourceIdentifier": "sirt@juniper.net",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-122"
        },
        {
          "lang": "en",
          "value": "CWE-789"
        }
      ],
      "source": "sirt@juniper.net",
      "type": "Primary"
    }
  ]
}

CERTFR-2022-AVI-350

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans Juniper Junos OS et Junos OS Evolved. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à l'intégrité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Juniper Networks	Junos OS Evolved	Junos OS Evolved versions antérieures à 20.1R3, 20.2R3, 20.3R2, 20.4R1, 20.4R2-S3-EVO, 20.4R3-S3-EVO, 21.1R3-S1-EVO, 21.2R2-EVO, 21.2R3-EVO, 21.3R1-EVO, 21.3R2-EVO, 21.4R1-EVO, 21.4R2-EVO, 22.1R1-EVO
	Juniper Networks	Junos OS Evolved	JunosOS versions antérieures à 12.3R12-S19, 15.1R7-S10, 17.3R3-S11, 17.4R2-S13, 17.4R3-S4, 18.3R3-S5, 18.4R1-S8, 18.4R2-S10, 18.4R3-S9, 19.1R2-S3, 19.1R3-S8, 19.2R1-S8, 19.2R3-S5, 19.3R2-S6, 19.3R3-S5, 19.4R1-S4, 19.4R2-S6, 19.4R3-S7, 20.1R2, 20.1R3-S4, 20.2R2, 20.2R3-S4, 20.3R1-S2, 20.3R2, 20.3R3-S3, 20.4R1, 20.4R2-S2, 20.4R3-S2, 21.1R1-S1, 21.1R2-S1, 21.1R3-S1, 21.2R1-S1, 21.2R2, 21.2R3, 21.3R1, 21.3R2, 21.4R2, 22.1R1

References

Title

Publication Time

Tags

Bulletin de sécurité Juniper JSA69505 du 13 avril 2022	None	vendor-advisory
Bulletin de sécurité Juniper JSA69519 du 13 avril 2022	None	vendor-advisory
Bulletin de sécurité Juniper JSA69517 du 13 avril 2022	None	vendor-advisory
Bulletin de sécurité Juniper JSA69516 du 13 avril 2022	None	vendor-advisory
Bulletin de sécurité Juniper JSA69511 du 13 avril 2022	None	vendor-advisory
Bulletin de sécurité Juniper JSA69513 du 13 avril 2022	None	vendor-advisory
Bulletin de sécurité Juniper JSA69509 du 13 avril 2022	None	vendor-advisory
Bulletin de sécurité Juniper JSA69497 du 13 avril 2022	None	vendor-advisory
Bulletin de sécurité Juniper JSA69508 du 13 avril 2022	None	vendor-advisory
Bulletin de sécurité Juniper JSA69503 du 13 avril 2022	None	vendor-advisory
Bulletin de sécurité Juniper JSA69494 du 13 avril 2022	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 20.1R3, 20.2R3, 20.3R2, 20.4R1, 20.4R2-S3-EVO, 20.4R3-S3-EVO, 21.1R3-S1-EVO, 21.2R2-EVO, 21.2R3-EVO, 21.3R1-EVO, 21.3R2-EVO, 21.4R1-EVO, 21.4R2-EVO, 22.1R1-EVO",
      "product": {
        "name": "Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "JunosOS versions ant\u00e9rieures \u00e0 12.3R12-S19, 15.1R7-S10, 17.3R3-S11, 17.4R2-S13, 17.4R3-S4, 18.3R3-S5, 18.4R1-S8, 18.4R2-S10, 18.4R3-S9, 19.1R2-S3, 19.1R3-S8, 19.2R1-S8, 19.2R3-S5, 19.3R2-S6, 19.3R3-S5, 19.4R1-S4, 19.4R2-S6, 19.4R3-S7, 20.1R2, 20.1R3-S4, 20.2R2, 20.2R3-S4, 20.3R1-S2, 20.3R2, 20.3R3-S3, 20.4R1, 20.4R2-S2, 20.4R3-S2, 21.1R1-S1, 21.1R2-S1, 21.1R3-S1, 21.2R1-S1, 21.2R2, 21.2R3, 21.3R1, 21.3R2, 21.4R2, 22.1R1",
      "product": {
        "name": "Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-22193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22193"
    },
    {
      "name": "CVE-2022-22198",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22198"
    },
    {
      "name": "CVE-2022-22197",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22197"
    },
    {
      "name": "CVE-2022-22194",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22194"
    },
    {
      "name": "CVE-2022-22186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22186"
    },
    {
      "name": "CVE-2022-22196",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22196"
    },
    {
      "name": "CVE-2022-22181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22181"
    },
    {
      "name": "CVE-2022-22188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22188"
    },
    {
      "name": "CVE-2022-22182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22182"
    },
    {
      "name": "CVE-2022-22183",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22183"
    },
    {
      "name": "CVE-2022-22195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22195"
    }
  ],
  "links": [],
  "reference": "CERTFR-2022-AVI-350",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-04-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Juniper Junos OS et\nJunos OS Evolved. Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de\nservice \u00e0 distance et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Juniper Junos OS et Junos OS Evolved",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69505 du 13 avril 2022",
      "url": "https://supportportal.juniper.net/s/article/2022-04-Security-Bulletin-Junos-OS-Evolved-PTX-series-An-attacker-sending-a-crafted-GRE-packet-will-cause-the-PFE-to-restart-CVE-2022-22194?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69519 du 13 avril 2022",
      "url": "https://supportportal.juniper.net/s/article/2022-04-Security-Bulletin-Junos-OS-A-XSS-vulnerability-allows-an-attacker-to-execute-commands-on-a-target-J-Web-session-CVE-2022-22182?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69517 du 13 avril 2022",
      "url": "https://supportportal.juniper.net/s/article/2022-04-Security-Bulletin-Junos-OS-J-Web-can-be-compromised-through-reflected-XSS-attacks-CVE-2022-22181?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69516 du 13 avril 2022",
      "url": "https://supportportal.juniper.net/s/article/2022-04-Security-Bulletin-Junos-OS-Evolved-A-remote-attacker-may-cause-a-CPU-Denial-of-Service-by-sending-genuine-traffic-to-a-device-on-a-specific-IPv4-port-CVE-2022-22183?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69511 du 13 avril 2022",
      "url": "https://supportportal.juniper.net/s/article/2022-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-An-rpd-core-will-be-observed-with-proxy-BGP-route-target-filtering-enabled-and-certain-route-add-and-delete-event-happening-CVE-2022-22197?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69513 du 13 avril 2022",
      "url": "https://supportportal.juniper.net/s/article/2022-04-Security-Bulletin-Junos-OS-MS-MPC-or-MS-MIC-or-SPC-crashes-if-it-receives-a-SIP-message-with-a-specific-contact-header-format-CVE-2022-22198?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69509 du 13 avril 2022",
      "url": "https://supportportal.juniper.net/s/article/2022-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-The-rpd-CPU-spikes-to-100-after-a-malformed-ISIS-TLV-has-been-received-CVE-2022-22196?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69497 du 13 avril 2022",
      "url": "https://supportportal.juniper.net/s/article/2022-04-Security-Bulletin-Junos-OS-QFX5100-QFX5110-QFX5120-QFX5200-QFX5210-EX4600-EX4650-Series-When-storm-control-profiling-is-enabled-and-a-device-is-under-an-active-storm-a-Heap-based-Buffer-Overflow-in-the-PFE-will-cause-a-device-hang-CVE-2022-22188?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69508 du 13 avril 2022",
      "url": "https://supportportal.juniper.net/s/article/2022-04-Security-Bulletin-Junos-OS-Evolved-Specific-packets-reaching-the-RE-lead-to-a-counter-overflow-and-eventually-a-crash-CVE-2022-22195?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69503 du 13 avril 2022",
      "url": "https://supportportal.juniper.net/s/article/2022-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-In-a-BGP-rib-sharding-scenario-when-a-certain-CLI-command-is-executed-the-rpd-process-might-crash-CVE-2022-22193?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69494 du 13 avril 2022",
      "url": "https://supportportal.juniper.net/s/article/2022-04-Security-Bulletin-Junos-OS-EX4650-Series-Certain-traffic-received-by-the-Junos-OS-device-on-the-management-interface-may-be-forwarded-to-egress-interfaces-instead-of-discarded-CVE-2022-22186?language=en_US"
    }
  ]
}

CERTFR-2022-AVI-350

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Juniper Networks	Junos OS Evolved	Junos OS Evolved versions antérieures à 20.1R3, 20.2R3, 20.3R2, 20.4R1, 20.4R2-S3-EVO, 20.4R3-S3-EVO, 21.1R3-S1-EVO, 21.2R2-EVO, 21.2R3-EVO, 21.3R1-EVO, 21.3R2-EVO, 21.4R1-EVO, 21.4R2-EVO, 22.1R1-EVO
	Juniper Networks	Junos OS Evolved	JunosOS versions antérieures à 12.3R12-S19, 15.1R7-S10, 17.3R3-S11, 17.4R2-S13, 17.4R3-S4, 18.3R3-S5, 18.4R1-S8, 18.4R2-S10, 18.4R3-S9, 19.1R2-S3, 19.1R3-S8, 19.2R1-S8, 19.2R3-S5, 19.3R2-S6, 19.3R3-S5, 19.4R1-S4, 19.4R2-S6, 19.4R3-S7, 20.1R2, 20.1R3-S4, 20.2R2, 20.2R3-S4, 20.3R1-S2, 20.3R2, 20.3R3-S3, 20.4R1, 20.4R2-S2, 20.4R3-S2, 21.1R1-S1, 21.1R2-S1, 21.1R3-S1, 21.2R1-S1, 21.2R2, 21.2R3, 21.3R1, 21.3R2, 21.4R2, 22.1R1

References

Title

Publication Time

Tags

Bulletin de sécurité Juniper JSA69505 du 13 avril 2022	None	vendor-advisory
Bulletin de sécurité Juniper JSA69519 du 13 avril 2022	None	vendor-advisory
Bulletin de sécurité Juniper JSA69517 du 13 avril 2022	None	vendor-advisory
Bulletin de sécurité Juniper JSA69516 du 13 avril 2022	None	vendor-advisory
Bulletin de sécurité Juniper JSA69511 du 13 avril 2022	None	vendor-advisory
Bulletin de sécurité Juniper JSA69513 du 13 avril 2022	None	vendor-advisory
Bulletin de sécurité Juniper JSA69509 du 13 avril 2022	None	vendor-advisory
Bulletin de sécurité Juniper JSA69497 du 13 avril 2022	None	vendor-advisory
Bulletin de sécurité Juniper JSA69508 du 13 avril 2022	None	vendor-advisory
Bulletin de sécurité Juniper JSA69503 du 13 avril 2022	None	vendor-advisory
Bulletin de sécurité Juniper JSA69494 du 13 avril 2022	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 20.1R3, 20.2R3, 20.3R2, 20.4R1, 20.4R2-S3-EVO, 20.4R3-S3-EVO, 21.1R3-S1-EVO, 21.2R2-EVO, 21.2R3-EVO, 21.3R1-EVO, 21.3R2-EVO, 21.4R1-EVO, 21.4R2-EVO, 22.1R1-EVO",
      "product": {
        "name": "Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "JunosOS versions ant\u00e9rieures \u00e0 12.3R12-S19, 15.1R7-S10, 17.3R3-S11, 17.4R2-S13, 17.4R3-S4, 18.3R3-S5, 18.4R1-S8, 18.4R2-S10, 18.4R3-S9, 19.1R2-S3, 19.1R3-S8, 19.2R1-S8, 19.2R3-S5, 19.3R2-S6, 19.3R3-S5, 19.4R1-S4, 19.4R2-S6, 19.4R3-S7, 20.1R2, 20.1R3-S4, 20.2R2, 20.2R3-S4, 20.3R1-S2, 20.3R2, 20.3R3-S3, 20.4R1, 20.4R2-S2, 20.4R3-S2, 21.1R1-S1, 21.1R2-S1, 21.1R3-S1, 21.2R1-S1, 21.2R2, 21.2R3, 21.3R1, 21.3R2, 21.4R2, 22.1R1",
      "product": {
        "name": "Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2022-22193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22193"
    },
    {
      "name": "CVE-2022-22198",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22198"
    },
    {
      "name": "CVE-2022-22197",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22197"
    },
    {
      "name": "CVE-2022-22194",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22194"
    },
    {
      "name": "CVE-2022-22186",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22186"
    },
    {
      "name": "CVE-2022-22196",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22196"
    },
    {
      "name": "CVE-2022-22181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22181"
    },
    {
      "name": "CVE-2022-22188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22188"
    },
    {
      "name": "CVE-2022-22182",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22182"
    },
    {
      "name": "CVE-2022-22183",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22183"
    },
    {
      "name": "CVE-2022-22195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2022-22195"
    }
  ],
  "links": [],
  "reference": "CERTFR-2022-AVI-350",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2022-04-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Juniper Junos OS et\nJunos OS Evolved. Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de\nservice \u00e0 distance et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Juniper Junos OS et Junos OS Evolved",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69505 du 13 avril 2022",
      "url": "https://supportportal.juniper.net/s/article/2022-04-Security-Bulletin-Junos-OS-Evolved-PTX-series-An-attacker-sending-a-crafted-GRE-packet-will-cause-the-PFE-to-restart-CVE-2022-22194?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69519 du 13 avril 2022",
      "url": "https://supportportal.juniper.net/s/article/2022-04-Security-Bulletin-Junos-OS-A-XSS-vulnerability-allows-an-attacker-to-execute-commands-on-a-target-J-Web-session-CVE-2022-22182?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69517 du 13 avril 2022",
      "url": "https://supportportal.juniper.net/s/article/2022-04-Security-Bulletin-Junos-OS-J-Web-can-be-compromised-through-reflected-XSS-attacks-CVE-2022-22181?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69516 du 13 avril 2022",
      "url": "https://supportportal.juniper.net/s/article/2022-04-Security-Bulletin-Junos-OS-Evolved-A-remote-attacker-may-cause-a-CPU-Denial-of-Service-by-sending-genuine-traffic-to-a-device-on-a-specific-IPv4-port-CVE-2022-22183?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69511 du 13 avril 2022",
      "url": "https://supportportal.juniper.net/s/article/2022-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-An-rpd-core-will-be-observed-with-proxy-BGP-route-target-filtering-enabled-and-certain-route-add-and-delete-event-happening-CVE-2022-22197?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69513 du 13 avril 2022",
      "url": "https://supportportal.juniper.net/s/article/2022-04-Security-Bulletin-Junos-OS-MS-MPC-or-MS-MIC-or-SPC-crashes-if-it-receives-a-SIP-message-with-a-specific-contact-header-format-CVE-2022-22198?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69509 du 13 avril 2022",
      "url": "https://supportportal.juniper.net/s/article/2022-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-The-rpd-CPU-spikes-to-100-after-a-malformed-ISIS-TLV-has-been-received-CVE-2022-22196?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69497 du 13 avril 2022",
      "url": "https://supportportal.juniper.net/s/article/2022-04-Security-Bulletin-Junos-OS-QFX5100-QFX5110-QFX5120-QFX5200-QFX5210-EX4600-EX4650-Series-When-storm-control-profiling-is-enabled-and-a-device-is-under-an-active-storm-a-Heap-based-Buffer-Overflow-in-the-PFE-will-cause-a-device-hang-CVE-2022-22188?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69508 du 13 avril 2022",
      "url": "https://supportportal.juniper.net/s/article/2022-04-Security-Bulletin-Junos-OS-Evolved-Specific-packets-reaching-the-RE-lead-to-a-counter-overflow-and-eventually-a-crash-CVE-2022-22195?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69503 du 13 avril 2022",
      "url": "https://supportportal.juniper.net/s/article/2022-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-In-a-BGP-rib-sharding-scenario-when-a-certain-CLI-command-is-executed-the-rpd-process-might-crash-CVE-2022-22193?language=en_US"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69494 du 13 avril 2022",
      "url": "https://supportportal.juniper.net/s/article/2022-04-Security-Bulletin-Junos-OS-EX4650-Series-Certain-traffic-received-by-the-Junos-OS-device-on-the-management-interface-may-be-forwarded-to-egress-interfaces-instead-of-discarded-CVE-2022-22186?language=en_US"
    }
  ]
}

GSD-2022-22188

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2022-22188

Aliases

CVE-2022-22188

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2022-22188",
    "description": "An Uncontrolled Memory Allocation vulnerability leading to a Heap-based Buffer Overflow in the packet forwarding engine (PFE) of Juniper Networks Junos OS allows a network-based unauthenticated attacker to flood the device with traffic leading to a Denial of Service (DoS). The device must be configured with storm control profiling limiting the number of unknown broadcast, multicast, or unicast traffic to be vulnerable to this issue. This issue affects: Juniper Networks Junos OS on QFX5100/QFX5110/QFX5120/QFX5200/QFX5210/EX4600/EX4650 Series; 20.2 version 20.2R1 and later versions prior to 20.2R2. This issue does not affect: Juniper Networks Junos OS versions prior to 20.2R1.",
    "id": "GSD-2022-22188"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2022-22188"
      ],
      "details": "An Uncontrolled Memory Allocation vulnerability leading to a Heap-based Buffer Overflow in the packet forwarding engine (PFE) of Juniper Networks Junos OS allows a network-based unauthenticated attacker to flood the device with traffic leading to a Denial of Service (DoS). The device must be configured with storm control profiling limiting the number of unknown broadcast, multicast, or unicast traffic to be vulnerable to this issue. This issue affects: Juniper Networks Junos OS on QFX5100/QFX5110/QFX5120/QFX5200/QFX5210/EX4600/EX4650 Series; 20.2 version 20.2R1 and later versions prior to 20.2R2. This issue does not affect: Juniper Networks Junos OS versions prior to 20.2R1.",
      "id": "GSD-2022-22188",
      "modified": "2023-12-13T01:19:29.623435Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "sirt@juniper.net",
        "DATE_PUBLIC": "2022-04-13T16:00:00.000Z",
        "ID": "CVE-2022-22188",
        "STATE": "PUBLIC",
        "TITLE": "Junos OS: QFX5100/QFX5110/QFX5120/QFX5200/QFX5210/EX4600/EX4650 Series: When storm control profiling is enabled and a device is under an active storm, a Heap-based Buffer Overflow in the PFE will cause a device to hang."
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Junos OS",
                    "version": {
                      "version_data": [
                        {
                          "platform": "QFX5100/QFX5110/QFX5120/QFX5200/QFX5210/EX4600/EX4650 Series",
                          "version_affected": "!\u003c",
                          "version_value": "20.2R1"
                        },
                        {
                          "platform": "QFX5100/QFX5110/QFX5120/QFX5200/QFX5210/EX4600/EX4650 Series",
                          "version_affected": "\u003e=",
                          "version_name": "20.2",
                          "version_value": "20.2R1"
                        },
                        {
                          "platform": "QFX5100/QFX5110/QFX5120/QFX5200/QFX5210/EX4600/EX4650 Series",
                          "version_affected": "\u003c",
                          "version_name": "20.2",
                          "version_value": "20.2R2"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Juniper Networks"
            }
          ]
        }
      },
      "configuration": [
        {
          "lang": "eng",
          "value": "The following is an example of the configuration required to be impacted by this issue. \nPlease refer to your documentation for specific configuration guidance:\n\n  set interfaces xe-0/0/9:1 unit 0 family ethernet-switching interface-mode trunk\n  set interfaces xe-0/0/9:1 unit 0 family ethernet-switching vlan members 100\n  set interfaces xe-0/0/9:1 unit 0 family ethernet-switching storm-control sc\n  set forwarding-options storm-control-profiles sc all\n  set forwarding-options storm-control-profiles sc action-shutdown\n  set vlans vlan100 vlan-id 100\n"
        }
      ],
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "An Uncontrolled Memory Allocation vulnerability leading to a Heap-based Buffer Overflow in the packet forwarding engine (PFE) of Juniper Networks Junos OS allows a network-based unauthenticated attacker to flood the device with traffic leading to a Denial of Service (DoS). The device must be configured with storm control profiling limiting the number of unknown broadcast, multicast, or unicast traffic to be vulnerable to this issue. This issue affects: Juniper Networks Junos OS on QFX5100/QFX5110/QFX5120/QFX5200/QFX5210/EX4600/EX4650 Series; 20.2 version 20.2R1 and later versions prior to 20.2R2. This issue does not affect: Juniper Networks Junos OS versions prior to 20.2R1."
          }
        ]
      },
      "exploit": [
        {
          "lang": "eng",
          "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
        }
      ],
      "generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "impact": {
        "cvss": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-789 Uncontrolled Memory Allocation"
              }
            ]
          },
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-122 Heap-based Buffer Overflow"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://kb.juniper.net/JSA69497",
            "refsource": "CONFIRM",
            "url": "https://kb.juniper.net/JSA69497"
          }
        ]
      },
      "solution": [
        {
          "lang": "eng",
          "value": "The following software releases have been updated to resolve this specific issue: 20.2R2, 20.3R1, and all subsequent releases. "
        }
      ],
      "source": {
        "advisory": "JSA69497",
        "defect": [
          "1525821"
        ],
        "discovery": "INTERNAL"
      },
      "work_around": [
        {
          "lang": "eng",
          "value": "There are no viable workarounds for this issue."
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r1-s1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r1-s2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r1-s3:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:ex4650:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:qfx5100:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:qfx5110:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:qfx5120:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:qfx5200:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:juniper:qfx5210:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "sirt@juniper.net",
          "ID": "CVE-2022-22188"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "An Uncontrolled Memory Allocation vulnerability leading to a Heap-based Buffer Overflow in the packet forwarding engine (PFE) of Juniper Networks Junos OS allows a network-based unauthenticated attacker to flood the device with traffic leading to a Denial of Service (DoS). The device must be configured with storm control profiling limiting the number of unknown broadcast, multicast, or unicast traffic to be vulnerable to this issue. This issue affects: Juniper Networks Junos OS on QFX5100/QFX5110/QFX5120/QFX5200/QFX5210/EX4600/EX4650 Series; 20.2 version 20.2R1 and later versions prior to 20.2R2. This issue does not affect: Juniper Networks Junos OS versions prior to 20.2R1."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-122"
                },
                {
                  "lang": "en",
                  "value": "CWE-789"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.juniper.net/JSA69497",
              "refsource": "CONFIRM",
              "tags": [
                "Exploit",
                "Vendor Advisory"
              ],
              "url": "https://kb.juniper.net/JSA69497"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2022-04-21T09:44Z",
      "publishedDate": "2022-04-14T16:15Z"
    }
  }
}

GHSA-VJ9W-X659-CJHQ

Vulnerability from github – Published: 2022-04-15 00:00 – Updated: 2022-04-22 00:00

Details

Severity ?

7.5 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2022-22188"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-122"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-04-14T16:15:00Z",
    "severity": "HIGH"
  },
  "details": "An Uncontrolled Memory Allocation vulnerability leading to a Heap-based Buffer Overflow in the packet forwarding engine (PFE) of Juniper Networks Junos OS allows a network-based unauthenticated attacker to flood the device with traffic leading to a Denial of Service (DoS). The device must be configured with storm control profiling limiting the number of unknown broadcast, multicast, or unicast traffic to be vulnerable to this issue. This issue affects: Juniper Networks Junos OS on QFX5100/QFX5110/QFX5120/QFX5200/QFX5210/EX4600/EX4650 Series; 20.2 version 20.2R1 and later versions prior to 20.2R2. This issue does not affect: Juniper Networks Junos OS versions prior to 20.2R1.",
  "id": "GHSA-vj9w-x659-cjhq",
  "modified": "2022-04-22T00:00:55Z",
  "published": "2022-04-15T00:00:41Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-22188"
    },
    {
      "type": "WEB",
      "url": "https://kb.juniper.net/JSA69497"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2022-22188 (GCVE-0-2022-22188)

FKIE_CVE-2022-22188

CERTFR-2022-AVI-350

Solution

CERTFR-2022-AVI-350

Solution

GSD-2022-22188

GHSA-VJ9W-X659-CJHQ

Tags

Sightings

Nomenclature