cve-2022-22159
Vulnerability from cvelistv5
Published
2022-01-19 00:21
Modified
2024-09-16 20:37
Severity: HIGH (CVSS v3.1 base score 7.5, vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Summary
Junos OS: An attacker sending crafted packets can cause a traffic and CPU Denial of Service (DoS).
References
| Source | URL | Tags |
|---|---|---|
| sirt@juniper.net | https://kb.juniper.net/JSA11267 | Vendor Advisory |
Impacted products
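| Vendor | Product | Status per CNA record |
|---|---|---|
| Juniper Networks | Junos OS | Affected in the 17.3, 17.4, 18.1, 18.2, 18.3, 18.4 and 19.1 release trains listed in the record; fixed in 17.3R3-S12, 17.4R3-S5, 18.1R3-S13, 18.3R3-S5, 18.4R3-S9, 19.1R3-S7 and later. No fixed release is listed for 18.2 (18.2R3-S6 and later), and the record states there are no workarounds. |
| Juniper Networks | Junos OS Evolved | Unaffected |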
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T03:07:49.767Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://kb.juniper.net/JSA11267" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Junos OS", "vendor": "Juniper Networks", "versions": [ { "lessThan": "17.3R3-S9", "status": "unaffected", "version": "unspecified", "versionType": "custom" }, { "changes": [ { "at": "17.3R3-S12", "status": "unaffected" } ], "lessThan": "17.3*", "status": "affected", "version": "17.3R3-S9", "versionType": "custom" }, { "changes": [ { "at": "17.4R3-S5", "status": "unaffected" } ], "lessThan": "17.4*", "status": "affected", "version": "17.4R3-S3", "versionType": "custom" }, { "changes": [ { "at": "18.1R3-S13", "status": "unaffected" } ], "lessThan": "18.1*", "status": "affected", "version": "18.1R3-S11", "versionType": "custom" }, { "lessThan": "18.2*", "status": "affected", "version": "18.2R3-S6", "versionType": "custom" }, { "changes": [ { "at": "18.3R3-S5", "status": "unaffected" } ], "lessThan": "18.3*", "status": "affected", "version": "18.3R3-S4", "versionType": "custom" }, { "changes": [ { "at": "18.4R3-S9", "status": "unaffected" } ], "lessThan": "18.4*", "status": "affected", "version": "18.4R3-S5", "versionType": "custom" }, { "changes": [ { "at": "19.1R3-S7", "status": "unaffected" } ], "lessThan": "19.1*", "status": "affected", "version": "19.1R3-S3", "versionType": "custom" } ] }, { "product": "Junos OS Evolved", "vendor": "Juniper Networks", "versions": [ { "status": "unaffected", "version": "Any" } ] } ], "datePublic": "2022-01-12T00:00:00", "descriptions": [ { "lang": "en", "value": "A vulnerability in the NETISR network queue functionality of Juniper Networks Junos OS kernel allows an attacker to cause a Denial of Service (DoS) by sending crafted genuine packets to a device. 
During an attack, the routing protocol daemon (rpd) CPU may reach 100% utilization, yet FPC CPUs forwarding traffic will operate normally. This attack occurs when the attackers\u0027 packets are sent over an IPv4 unicast routing equal-cost multi-path (ECMP) unilist selection. Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. An indicator of compromise may be to monitor NETISR drops in the network with the assistance of JTAC. Please contact JTAC for technical support for further guidance. This issue affects: Juniper Networks Junos OS 17.3 version 17.3R3-S9 and later versions prior to 17.3R3-S12; 17.4 version 17.4R3-S3 and later versions prior to 17.4R3-S5; 18.1 version 18.1R3-S11 and later versions prior to 18.1R3-S13; 18.2 version 18.2R3-S6 and later versions; 18.3 version 18.3R3-S4 and later versions prior to 18.3R3-S5; 18.4 version 18.4R3-S5 and later versions prior to 18.4R3-S9; 19.1 version 19.1R3-S3 and later versions prior to 19.1R3-S7. This issue does not affect Juniper Networks Junos OS versions prior to 17.3R3-S9. This issue does not affect Juniper Networks Junos OS Evolved." } ], "exploits": [ { "lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "description": "Denial of Service (DoS)", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-01-19T00:21:02", "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://kb.juniper.net/JSA11267" } ], "solutions": [ { "lang": "en", "value": "The following software releases have been updated to resolve this specific issue: 17.3R3-S12, 17.4R3-S5, 18.1R3-S13, 18.3R3-S5, 18.4R3-S9, 19.1R3-S7, and all subsequent releases." } ], "source": { "advisory": "JSA11267", "defect": [ "1580066" ], "discovery": "USER" }, "title": "Junos OS: An attacker sending crafted packets can cause a traffic and CPU Denial of Service (DoS).", "workarounds": [ { "lang": "en", "value": "There are no available workarounds for this issue." } ], "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "sirt@juniper.net", "DATE_PUBLIC": "2022-01-12T17:00:00.000Z", "ID": "CVE-2022-22159", "STATE": "PUBLIC", "TITLE": "Junos OS: An attacker sending crafted packets can cause a traffic and CPU Denial of Service (DoS)." 
}, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Junos OS", "version": { "version_data": [ { "version_affected": "\u003e=", "version_name": "17.3", "version_value": "17.3R3-S9" }, { "version_affected": "\u003c", "version_name": "17.3", "version_value": "17.3R3-S12" }, { "version_affected": "\u003e=", "version_name": "17.4", "version_value": "17.4R3-S3" }, { "version_affected": "\u003c", "version_name": "17.4", "version_value": "17.4R3-S5" }, { "version_affected": "\u003e=", "version_name": "18.1", "version_value": "18.1R3-S11" }, { "version_affected": "\u003c", "version_name": "18.1", "version_value": "18.1R3-S13" }, { "version_affected": "\u003e=", "version_name": "18.2", "version_value": "18.2R3-S6" }, { "version_affected": "\u003e=", "version_name": "18.3", "version_value": "18.3R3-S4" }, { "version_affected": "\u003c", "version_name": "18.3", "version_value": "18.3R3-S5" }, { "version_affected": "\u003e=", "version_name": "18.4", "version_value": "18.4R3-S5" }, { "version_affected": "\u003c", "version_name": "18.4", "version_value": "18.4R3-S9" }, { "version_affected": "\u003e=", "version_name": "19.1", "version_value": "19.1R3-S3" }, { "version_affected": "\u003c", "version_name": "19.1", "version_value": "19.1R3-S7" }, { "version_affected": "!\u003c", "version_value": "17.3R3-S9" } ] } }, { "product_name": "Junos OS Evolved", "version": { "version_data": [ { "version_affected": "!", "version_value": "Any" } ] } } ] }, "vendor_name": "Juniper Networks" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability in the NETISR network queue functionality of Juniper Networks Junos OS kernel allows an attacker to cause a Denial of Service (DoS) by sending crafted genuine packets to a device. 
During an attack, the routing protocol daemon (rpd) CPU may reach 100% utilization, yet FPC CPUs forwarding traffic will operate normally. This attack occurs when the attackers\u0027 packets are sent over an IPv4 unicast routing equal-cost multi-path (ECMP) unilist selection. Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. An indicator of compromise may be to monitor NETISR drops in the network with the assistance of JTAC. Please contact JTAC for technical support for further guidance. This issue affects: Juniper Networks Junos OS 17.3 version 17.3R3-S9 and later versions prior to 17.3R3-S12; 17.4 version 17.4R3-S3 and later versions prior to 17.4R3-S5; 18.1 version 18.1R3-S11 and later versions prior to 18.1R3-S13; 18.2 version 18.2R3-S6 and later versions; 18.3 version 18.3R3-S4 and later versions prior to 18.3R3-S5; 18.4 version 18.4R3-S5 and later versions prior to 18.4R3-S9; 19.1 version 19.1R3-S3 and later versions prior to 19.1R3-S7. This issue does not affect Juniper Networks Junos OS versions prior to 17.3R3-S9. This issue does not affect Juniper Networks Junos OS Evolved." } ] }, "exploit": [ { "lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability." 
} ], "generator": { "engine": "Vulnogram 0.0.9" }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Denial of Service (DoS)" } ] } ] }, "references": { "reference_data": [ { "name": "https://kb.juniper.net/JSA11267", "refsource": "CONFIRM", "url": "https://kb.juniper.net/JSA11267" } ] }, "solution": [ { "lang": "en", "value": "The following software releases have been updated to resolve this specific issue: 17.3R3-S12, 17.4R3-S5, 18.1R3-S13, 18.3R3-S5, 18.4R3-S9, 19.1R3-S7, and all subsequent releases." } ], "source": { "advisory": "JSA11267", "defect": [ "1580066" ], "discovery": "USER" }, "work_around": [ { "lang": "en", "value": "There are no available workarounds for this issue." } ] } } }, "cveMetadata": { "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "assignerShortName": "juniper", "cveId": "CVE-2022-22159", "datePublished": "2022-01-19T00:21:02.359027Z", "dateReserved": "2021-12-21T00:00:00", "dateUpdated": "2024-09-16T20:37:13.987Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2022-22159\",\"sourceIdentifier\":\"sirt@juniper.net\",\"published\":\"2022-01-19T01:15:08.507\",\"lastModified\":\"2023-08-08T14:22:24.967\",\"vulnStatus\":\"Analyzed\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in the NETISR network queue functionality of Juniper Networks Junos OS kernel allows an attacker to cause a Denial of Service (DoS) by sending crafted genuine packets to a device. 
During an attack, the routing protocol daemon (rpd) CPU may reach 100% utilization, yet FPC CPUs forwarding traffic will operate normally. This attack occurs when the attackers\u0027 packets are sent over an IPv4 unicast routing equal-cost multi-path (ECMP) unilist selection. Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. An indicator of compromise may be to monitor NETISR drops in the network with the assistance of JTAC. Please contact JTAC for technical support for further guidance. This issue affects: Juniper Networks Junos OS 17.3 version 17.3R3-S9 and later versions prior to 17.3R3-S12; 17.4 version 17.4R3-S3 and later versions prior to 17.4R3-S5; 18.1 version 18.1R3-S11 and later versions prior to 18.1R3-S13; 18.2 version 18.2R3-S6 and later versions; 18.3 version 18.3R3-S4 and later versions prior to 18.3R3-S5; 18.4 version 18.4R3-S5 and later versions prior to 18.4R3-S9; 19.1 version 19.1R3-S3 and later versions prior to 19.1R3-S7. This issue does not affect Juniper Networks Junos OS versions prior to 17.3R3-S9. This issue does not affect Juniper Networks Junos OS Evolved.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en la funcionalidad NETISR network queue del kernel del Sistema Operativo Junos de Juniper Networks permite a un atacante causar una denegaci\u00f3n de servicio (DoS) mediante el env\u00edo de paquetes genuinos dise\u00f1ados a un dispositivo. Durante un ataque, la CPU del demonio del protocolo de enrutamiento (rpd) puede alcanzar el 100% de uso, aunque las CPU de la FPC que reenv\u00edan el tr\u00e1fico funcionar\u00e1n normalmente. Este ataque es producido cuando los paquetes de los atacantes son enviados a trav\u00e9s de una selecci\u00f3n unilista de enrutamiento IPv4 unicast de igual coste y m\u00faltiples rutas (ECMP). La recepci\u00f3n y el procesamiento continuos de estos paquetes crear\u00e1n una condici\u00f3n sostenida de denegaci\u00f3n de servicio (DoS). 
Un indicador de compromiso puede ser monitorear las ca\u00eddas de NETISR en la red con la ayuda de JTAC. Por favor, p\u00f3ngase en contacto con el JTAC para el apoyo t\u00e9cnico para obtener m\u00e1s orientaci\u00f3n. Este problema afecta: Juniper Networks Junos OS 17.3 versi\u00f3n 17.3R3-S9 y versiones posteriores anteriores a 17.3R3-S12; 17.4 versi\u00f3n 17.4R3-S3 y versiones posteriores anteriores a 17.4R3-S5; 18.1 versi\u00f3n 18.1R3-S11 y versiones posteriores anteriores a 18.1R3-S13; 18. 2 versi\u00f3n 18.2R3-S6 y versiones posteriores; 18.3 versi\u00f3n 18.3R3-S4 y versiones posteriores anteriores a 18.3R3-S5; 18.4 versi\u00f3n 18.4R3-S5 y versiones posteriores anteriores a 18.4R3-S9; 19.1 versi\u00f3n 19.1R3-S3 y versiones posteriores anteriores a 19.1R3-S7. Este problema no afecta a versiones del Sistema Operativo Junos de Juniper Networks anteriores a 17.3R3-S9. Este problema no afecta a Juniper Networks Junos OS Evolved\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"sirt@juniper.net\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.
gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":5.0},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.3:r3-s10:*:*:*:*:*:*\",\"matchCriteriaId\":\"E32BE8B3-C5D9-43D1-B425-28D58EA74DD4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.3:r3-s11:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE0C7BD5-4D13-4C20-B2C9-524F72B206F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.3:r3-s9:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3AC83F1-2BCF-4159-9719-EB15ADD7663B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.4:r3-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"64CF2868-993A-48C8-8FBA-892507BBBF21\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:17.4:r3-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2D5D460-EC5C-46BF-8017-CB87B45C69BD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.1:r3-s11:*:*:*:*:*:*\",\"matchCriteriaId\":\"2433F883-8545-421E-9CB7-AF36A578E930\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.1:r3-s12:*:*:*:*:*:*\",\"matchCriteriaId\":\"46F9BD74-D57A-4689-81AB-D53DEBABBD5E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.2:r3-s6:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E4F0A1E-B15E-44C3-A55D-8AC016915451\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.2
:r3-s7:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2DEF924-0165-41B5-8A9D-A75596433CD2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.2:r3-s8:*:*:*:*:*:*\",\"matchCriteriaId\":\"72BA91B4-6595-4CD1-82F7-535AE2D0305A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.3:r3-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"75F125DC-3A21-489F-B324-A586F5BA350A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r3-s5:*:*:*:*:*:*\",\"matchCriteriaId\":\"81F6DEA3-F07E-4FD0-87CB-4E8C0B768706\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r3-s6:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C1601BB-CAB7-4C92-8416-1824BB85D820\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r3-s7:*:*:*:*:*:*\",\"matchCriteriaId\":\"14FC491D-8DA8-4E79-A9A6-3629E41C847A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r3-s8:*:*:*:*:*:*\",\"matchCriteriaId\":\"44C4BE2C-814F-49AA-8B64-17245FC01270\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.1:r3-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1F3AEE4-CEB8-4CAA-A48A-1B4647FFFCDB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.1:r3-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"69E2DF80-63D8-48DD-BC73-C406B7AA3C7D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.1:r3-s5:*:*:*:*:*:*\",\"matchCriteriaId\":\"8120EAC3-DCCB-4429-A372-C0DAA3270A1F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.1:r3-s6:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF81F459-915E-468C-8E82-85F1A601095B\"}]}]}],\"references\":[{\"url\":\"https://kb.juniper.net/JSA11267\",\"source\":\"sirt@juniper.net\",\"tags\":[\"Vendor Advisory\"]}]}}" } }
Sightings
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.