cve-2022-22184
Vulnerability from cvelistv5
Published
2022-12-23 23:03
Modified
2024-09-17 01:40
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
Junos OS and Junos OS Evolved: A BGP session will flap upon receipt of a specific, optional transitive attribute in version 22.3R1
References
sirt@juniper.nethttps://kb.juniper.net/JSA70175Vendor Advisory
Impacted products
Juniper NetworksJunos OS
Juniper NetworksJunos OS Evolved
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T03:07:49.575Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://kb.juniper.net/JSA70175"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "22.3R1",
              "status": "unaffected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "22.3R1-S1",
              "status": "affected",
              "version": "22.3",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Junos OS Evolved",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "22.3R1-EVO",
              "status": "unaffected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "22.3R1-S1-EVO",
              "status": "affected",
              "version": "22.3-EVO",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2022-12-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An Improper Input Validation vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker to cause a Denial of Service (DoS). If a BGP update message is received over an established BGP session, and that message contains a specific, optional transitive attribute, this session will be torn down with an update message error. This issue cannot propagate beyond an affected system as the processing error occurs as soon as the update is received. This issue is exploitable remotely as the respective attribute will propagate through unaffected systems and intermediate AS (if any). Continuous receipt of a BGP update containing this attribute will create a sustained Denial of Service (DoS) condition. Since this issue only affects 22.3R1, Juniper strongly encourages customers to move to 22.3R1-S1. Juniper SIRT felt that the need to promptly warn customers about this issue affecting the 22.3R1 versions of Junos OS and Junos OS Evolved warranted an Out of Cycle JSA. This issue affects: Juniper Networks Junos OS version 22.3R1. Juniper Networks Junos OS Evolved version 22.3R1-EVO. This issue does not affect: Juniper Networks Junos OS versions prior to 22.3R1. Juniper Networks Junos OS Evolved versions prior to 22.3R1-EVO."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20 Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "description": "Denial of Service (DoS)",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-12-22T00:00:00",
        "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
        "shortName": "juniper"
      },
      "references": [
        {
          "url": "https://kb.juniper.net/JSA70175"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "The following software releases have been updated to resolve this specific issue:\nJunos OS: 22.3R1-S1, 22.3R2, 22.4R1, and all subsequent releases;\nJunos OS Evolved: 22.3R1-S1-EVO, 22.3R2-EVO, 22.4R1-EVO, and all subsequent releases."
        }
      ],
      "source": {
        "advisory": "JSA70175",
        "defect": [
          "1698446"
        ],
        "discovery": "USER"
      },
      "title": "Junos OS and Junos OS Evolved: A BGP session will flap upon receipt of a specific, optional transitive attribute in version 22.3R1",
      "workarounds": [
        {
          "lang": "en",
          "value": "There are no known workarounds for this issue."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
    "assignerShortName": "juniper",
    "cveId": "CVE-2022-22184",
    "datePublished": "2022-12-23T23:03:51.372448Z",
    "dateReserved": "2021-12-21T00:00:00",
    "dateUpdated": "2024-09-17T01:40:33.621Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-22184\",\"sourceIdentifier\":\"sirt@juniper.net\",\"published\":\"2022-12-22T22:15:11.627\",\"lastModified\":\"2022-12-30T21:24:17.390\",\"vulnStatus\":\"Analyzed\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"An Improper Input Validation vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker to cause a Denial of Service (DoS). If a BGP update message is received over an established BGP session, and that message contains a specific, optional transitive attribute, this session will be torn down with an update message error. This issue cannot propagate beyond an affected system as the processing error occurs as soon as the update is received. This issue is exploitable remotely as the respective attribute will propagate through unaffected systems and intermediate AS (if any). Continuous receipt of a BGP update containing this attribute will create a sustained Denial of Service (DoS) condition. Since this issue only affects 22.3R1, Juniper strongly encourages customers to move to 22.3R1-S1. Juniper SIRT felt that the need to promptly warn customers about this issue affecting the 22.3R1 versions of Junos OS and Junos OS Evolved warranted an Out of Cycle JSA. This issue affects: Juniper Networks Junos OS version 22.3R1. Juniper Networks Junos OS Evolved version 22.3R1-EVO. This issue does not affect: Juniper Networks Junos OS versions prior to 22.3R1. Juniper Networks Junos OS Evolved versions prior to 22.3R1-EVO.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de validaci\u00f3n de entrada incorrecta en Routing Protocol Daemon (rpd) de Juniper Networks Junos OS y Junos OS Evolved permite que un atacante basado en red no autenticado provoque una Denegaci\u00f3n de Servicio (DoS). Si se recibe un mensaje de actualizaci\u00f3n de BGP a trav\u00e9s de una sesi\u00f3n BGP establecida y ese mensaje contiene un atributo transitivo opcional espec\u00edfico, esta sesi\u00f3n se cancelar\u00e1 con un error de mensaje de actualizaci\u00f3n. Este problema no puede propagarse m\u00e1s all\u00e1 de un sistema afectado ya que el error de procesamiento ocurre tan pronto como se recibe la actualizaci\u00f3n. Este problema se puede explotar de forma remota, ya que el atributo respectivo se propagar\u00e1 a trav\u00e9s de sistemas no afectados y AS intermedios (si los hay). La recepci\u00f3n continua de una actualizaci\u00f3n de BGP que contiene este atributo crear\u00e1 una condici\u00f3n sostenida de Denegaci\u00f3n de Servicio (DoS). Dado que este problema solo afecta a 22.3R1, Juniper recomienda encarecidamente a los clientes que migren a 22.3R1-S1. Juniper SIRT consider\u00f3 que la necesidad de advertir r\u00e1pidamente a los clientes sobre este problema que afecta a las versiones 22.3R1 de Junos OS y Junos OS Evolved justificaba un JSA fuera de ciclo. Este problema afecta a: Juniper Networks Junos OS versi\u00f3n 22.3R1. Juniper Networks Junos OS versi\u00f3n evolucionada 22.3R1-EVO. Este problema no afecta a: Versiones de Juniper Networks Junos OS anteriores a 22.3R1. Versiones evolucionadas de Juniper Networks Junos OS anteriores a 22.3R1-EVO.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]},{\"source\":\"sirt@juniper.net\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:22.3:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"19519212-51DD-4448-B115-8A20A40192CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:22.3:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"433631CA-3AC4-4D66-9B46-AEA4209347F1\"}]}]}],\"references\":[{\"url\":\"https://kb.juniper.net/JSA70175\",\"source\":\"sirt@juniper.net\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.