cve-2022-22213
Vulnerability from cvelistv5
Published
2022-07-20 14:15
Modified
2024-09-16 16:22
Summary
Junos OS and Junos OS Evolved: Denial of Service (DoS) vulnerability in RPD upon receipt of specific BGP update
References
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T03:07:49.919Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.juniper.net/JSA69717"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "21.1",
              "status": "unaffected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "21.1R3-S1",
              "status": "affected",
              "version": "21.1",
              "versionType": "custom"
            },
            {
              "lessThan": "21.2R2-S2, 21.2R3",
              "status": "affected",
              "version": "21.2",
              "versionType": "custom"
            },
            {
              "lessThan": "21.3R2, 21.3R3",
              "status": "affected",
              "version": "21.3",
              "versionType": "custom"
            },
            {
              "lessThan": "21.4R1-S1, 21.4R2",
              "status": "affected",
              "version": "21.4",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Junos OS Evolved",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "21.1-EVO",
              "status": "unaffected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "21.1R3-S1-EVO",
              "status": "affected",
              "version": "21.1",
              "versionType": "custom"
            },
            {
              "lessThan": "21.2*",
              "status": "affected",
              "version": "21.2R1-EVO",
              "versionType": "custom"
            },
            {
              "lessThan": "21.3R3-EVO",
              "status": "affected",
              "version": "21.3",
              "versionType": "custom"
            },
            {
              "lessThan": "21.4R1-S1-EVO, 21.4R2-EVO",
              "status": "affected",
              "version": "21.4",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "A sample configuration of BGP multipath is shown below:\n\n  set protocols bgp group external type external\n  set protocols bgp group external peer-as 64501\n  set protocols bgp group external multipath\n  set protocols bgp group external neighbor 10.0.1.1\n  set protocols bgp group external neighbor 10.0.0.2\n  set policy-options policy-statement loadbal from route-filter 10.0.0.0/16 orlonger\n  set policy-options policy-statement loadbal then load-balance per-packet\n  set routing-options forwarding-table export loadbal\n  set routing-options autonomous-system 64500"
        }
      ],
      "datePublic": "2022-07-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in Handling of Undefined Values in the routing protocol daemon (RPD) process of Juniper Networks Junos OS and Junos OS Evolved may allow an unauthenticated network-based attacker to crash the RPD process by sending a specific BGP update while the system is under heavy load, leading to a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. Malicious exploitation of this issue requires a very specific combination of load, timing, and configuration of the vulnerable system which is beyond the direct control of the attacker. Internal reproduction has only been possible through artificially created load and specially instrumented source code. Systems are only vulnerable to this issue if BGP multipath is enabled. Routers not configured for BGP multipath are not vulnerable to this issue. This issue affects: Juniper Networks Junos OS: 21.1 versions prior to 21.1R3-S1; 21.2 versions prior to 21.2R2-S2, 21.2R3; 21.3 versions prior to 21.3R2, 21.3R3; 21.4 versions prior to 21.4R1-S1, 21.4R2. Juniper Networks Junos OS Evolved: 21.1 versions prior to 21.1R3-S1-EVO; 21.2 version 21.2R1-EVO and later versions; 21.3 versions prior to 21.3R3-EVO; 21.4 versions prior to 21.4R1-S1-EVO, 21.4R2-EVO. This issue does not affect: Juniper Networks Junos OS versions prior to 21.1. Juniper Networks Junos OS Evolved versions prior to 21.1-EVO."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-232",
              "description": "CWE-232 Improper Handling of Undefined Values",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "description": "Denial of Service (DoS)",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-07-20T14:15:23",
        "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
        "shortName": "juniper"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.juniper.net/JSA69717"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "The following software releases have been updated to resolve this specific issue: \n\nJunos OS Evolved: 21.1R3-S1-EVO, 21.3R3-EVO, 21.4R1-S1-EVO, 21.4R2-EVO, 22.1R1-EVO\nJunos OS: 21.1R3-S1, 21.2R2-S2, 21.2R3, 21.3R2, 21.4R1-S1, 21.4R2, 22.1R1, and all subsequent releases."
        }
      ],
      "source": {
        "advisory": "JSA69717",
        "defect": [
          "1642741"
        ],
        "discovery": "USER"
      },
      "title": "Junos OS and Junos OS Evolved: Denial of Service (DoS) vulnerability in RPD upon receipt of specific BGP update",
      "workarounds": [
        {
          "lang": "en",
          "value": "Disable BGP multipath, or configure \u0027set protocols bgp multipath-build deferred\u0027."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "sirt@juniper.net",
          "DATE_PUBLIC": "2022-07-13T16:00:00.000Z",
          "ID": "CVE-2022-22213",
          "STATE": "PUBLIC",
          "TITLE": "Junos OS and Junos OS Evolved: Denial of Service (DoS) vulnerability in RPD upon receipt of specific BGP update"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Junos OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "21.1",
                            "version_value": "21.1R3-S1"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "21.2",
                            "version_value": "21.2R2-S2, 21.2R3"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "21.3",
                            "version_value": "21.3R2, 21.3R3"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "21.4",
                            "version_value": "21.4R1-S1, 21.4R2"
                          },
                          {
                            "version_affected": "!\u003c",
                            "version_value": "21.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Junos OS Evolved",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "21.1",
                            "version_value": "21.1R3-S1-EVO"
                          },
                          {
                            "version_affected": "\u003e=",
                            "version_name": "21.2",
                            "version_value": "21.2R1-EVO"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "21.3",
                            "version_value": "21.3R3-EVO"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "21.4",
                            "version_value": "21.4R1-S1-EVO, 21.4R2-EVO"
                          },
                          {
                            "version_affected": "!\u003c",
                            "version_value": "21.1-EVO"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Juniper Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "A sample configuration of BGP multipath is shown below:\n\n  set protocols bgp group external type external\n  set protocols bgp group external peer-as 64501\n  set protocols bgp group external multipath\n  set protocols bgp group external neighbor 10.0.1.1\n  set protocols bgp group external neighbor 10.0.0.2\n  set policy-options policy-statement loadbal from route-filter 10.0.0.0/16 orlonger\n  set policy-options policy-statement loadbal then load-balance per-packet\n  set routing-options forwarding-table export loadbal\n  set routing-options autonomous-system 64500"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability in Handling of Undefined Values in the routing protocol daemon (RPD) process of Juniper Networks Junos OS and Junos OS Evolved may allow an unauthenticated network-based attacker to crash the RPD process by sending a specific BGP update while the system is under heavy load, leading to a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. Malicious exploitation of this issue requires a very specific combination of load, timing, and configuration of the vulnerable system which is beyond the direct control of the attacker. Internal reproduction has only been possible through artificially created load and specially instrumented source code. Systems are only vulnerable to this issue if BGP multipath is enabled. Routers not configured for BGP multipath are not vulnerable to this issue. This issue affects: Juniper Networks Junos OS: 21.1 versions prior to 21.1R3-S1; 21.2 versions prior to 21.2R2-S2, 21.2R3; 21.3 versions prior to 21.3R2, 21.3R3; 21.4 versions prior to 21.4R1-S1, 21.4R2. Juniper Networks Junos OS Evolved: 21.1 versions prior to 21.1R3-S1-EVO; 21.2 version 21.2R1-EVO and later versions; 21.3 versions prior to 21.3R3-EVO; 21.4 versions prior to 21.4R1-S1-EVO, 21.4R2-EVO. This issue does not affect: Juniper Networks Junos OS versions prior to 21.1. Juniper Networks Junos OS Evolved versions prior to 21.1-EVO."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-232 Improper Handling of Undefined Values"
                }
              ]
            },
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Denial of Service (DoS)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.juniper.net/JSA69717",
              "refsource": "CONFIRM",
              "url": "https://kb.juniper.net/JSA69717"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "The following software releases have been updated to resolve this specific issue: \n\nJunos OS Evolved: 21.1R3-S1-EVO, 21.3R3-EVO, 21.4R1-S1-EVO, 21.4R2-EVO, 22.1R1-EVO\nJunos OS: 21.1R3-S1, 21.2R2-S2, 21.2R3, 21.3R2, 21.4R1-S1, 21.4R2, 22.1R1, and all subsequent releases."
          }
        ],
        "source": {
          "advisory": "JSA69717",
          "defect": [
            "1642741"
          ],
          "discovery": "USER"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "Disable BGP multipath, or configure \u0027set protocols bgp multipath-build deferred\u0027."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
    "assignerShortName": "juniper",
    "cveId": "CVE-2022-22213",
    "datePublished": "2022-07-20T14:15:23.806619Z",
    "dateReserved": "2021-12-21T00:00:00",
    "dateUpdated": "2024-09-16T16:22:28.305Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-22213\",\"sourceIdentifier\":\"sirt@juniper.net\",\"published\":\"2022-07-20T15:15:08.827\",\"lastModified\":\"2022-07-29T22:46:41.723\",\"vulnStatus\":\"Analyzed\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in Handling of Undefined Values in the routing protocol daemon (RPD) process of Juniper Networks Junos OS and Junos OS Evolved may allow an unauthenticated network-based attacker to crash the RPD process by sending a specific BGP update while the system is under heavy load, leading to a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. Malicious exploitation of this issue requires a very specific combination of load, timing, and configuration of the vulnerable system which is beyond the direct control of the attacker. Internal reproduction has only been possible through artificially created load and specially instrumented source code. Systems are only vulnerable to this issue if BGP multipath is enabled. Routers not configured for BGP multipath are not vulnerable to this issue. This issue affects: Juniper Networks Junos OS: 21.1 versions prior to 21.1R3-S1; 21.2 versions prior to 21.2R2-S2, 21.2R3; 21.3 versions prior to 21.3R2, 21.3R3; 21.4 versions prior to 21.4R1-S1, 21.4R2. Juniper Networks Junos OS Evolved: 21.1 versions prior to 21.1R3-S1-EVO; 21.2 version 21.2R1-EVO and later versions; 21.3 versions prior to 21.3R3-EVO; 21.4 versions prior to 21.4R1-S1-EVO, 21.4R2-EVO. This issue does not affect: Juniper Networks Junos OS versions prior to 21.1. Juniper Networks Junos OS Evolved versions prior to 21.1-EVO.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en el manejo de valores no definidos en el proceso del demonio del protocolo de enrutamiento (RPD) de Juniper Networks Junos OS y Junos OS Evolved puede permitir a un atacante no autenticado basado en la red bloquear el proceso RPD enviando una actualizaci\u00f3n BGP espec\u00edfica mientras el sistema est\u00e1 bajo una gran carga, conllevando a una Denegaci\u00f3n de Servicio (DoS). La recepci\u00f3n y el procesamiento continuado de este paquete crear\u00e1 una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS) sostenida. La explotaci\u00f3n maliciosa de este problema requiere una combinaci\u00f3n muy espec\u00edfica de carga, tiempo y configuraci\u00f3n del sistema vulnerable que est\u00e1 fuera del control directo del atacante. La reproducci\u00f3n interna s\u00f3lo ha sido posible mediante una carga creada artificialmente y un c\u00f3digo fuente especialmente instrumentado. Los sistemas s\u00f3lo son vulnerables a este problema si BGP multipath est\u00e1 habilitado. Los routers no configurados para BGP multipath no son vulnerables a este problema. Este problema afecta a: Juniper Networks Junos OS: Versiones 21.1 anteriores a 21.1R3-S1; versiones 21.2 anteriores a 21.2R2-S2, 21.2R3; versiones 21.3 anteriores a 21.3R2, 21.3R3; versiones 21.4 anteriores a 21.4R1-S1, 21.4R2. Juniper Networks Junos OS Evolved: versiones 21.1 anteriores a 21.1R3-S1-EVO; versiones 21.2 21.2R1-EVO y posteriores; versiones 21.3 anteriores a 21.3R3-EVO; versiones 21.4 anteriores a 21.4R1-S1-EVO, 21.4R2-EVO. Este problema no afecta a: Las versiones del Sistema Operativo Junos de Juniper Networks anteriores a 21.1. Las versiones del Sistema Operativo Junos Evolved de Juniper Networks anteriores a 21.1-EVO\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":5.9,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":2.2,\"impactScore\":3.6},{\"source\":\"sirt@juniper.net\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":5.9,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":2.2,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]},{\"source\":\"sirt@juniper.net\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-232\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FDB5B7D-FB37-47E3-8678-B9ED578CCA5F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.1:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"625BA7E6-D2AD-4A48-9B94-24328BE5B06A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.1:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"F462F4E3-762C-429F-8D25-5521100DD37C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.1:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"C0BC9DAC-D6B5-4C5E-8C73-6E550D9A30F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.1:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"689FE1AE-7A85-4FB6-AB02-E732F23581B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.1:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"79E56DAC-75AD-4C81-9835-634B40C15DA6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.1:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0040FE2-7ECD-4755-96CE-E899BA298E0C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"216E7DDE-453D-481F-92E2-9F8466CDDA3F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"A52AF794-B36B-43A6-82E9-628658624B0A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"3998DC76-F72F-4452-9150-652140B113EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"36ED4552-2420-45F9-B6E4-6DA2B2B12870\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.2:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"C28A14E7-7EA0-4757-9764-E39A27CFDFA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.2:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A43752D-A4AF-4B4E-B95B-192E42883A5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.2:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"42986538-E9D0-4C2E-B1C4-A763A4EE451B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.3:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E7D597D-F6B6-44C3-9EBC-4FA0686ACB5C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.3:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC78A4CB-D617-43FC-BB51-287D2D0C44ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.3:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"30FF67F8-1E3C-47A8-8859-709B3614BA6E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.3:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C7C507E-C85E-4BC6-A3B0-549516BAB524\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.3:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"6514CDE8-35DC-469F-89A3-078684D18F7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"79ED3CE8-CC57-43AB-9A26-BBC87816062D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"4310D2D9-A8A6-48F8-9384-0A0692A1E1C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"9962B01C-C57C-4359-9532-676AB81CE8B0\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:21.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"52C3552E-798F-4719-B38D-F74E34EAAA40\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:21.1:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE674DD3-3590-4434-B144-5AD7EB5F039D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:21.1:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"0099BDA9-9D4B-4D6C-8234-EFD9E8C63476\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:21.1:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8729BC1-FB09-4E6D-A5D5-8BDC589555B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:21.1:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D72C3DF-4513-48AC-AAED-C1AADF0794E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:21.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"620B0CDD-5566-472E-B96A-31D2C12E3120\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:21.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"3EA3DC63-B290-4D15-BEF9-21DEF36CA2EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:21.2:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E1E57AF-979B-4022-8AD6-B3558E06B718\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:21.2:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"144730FB-7622-4B3D-9C47-D1B7A7FB7EB0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:21.2:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BA246F0-154E-4F44-A97B-690D22FA73DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:21.2:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"25D6C07C-F96E-4523-BB54-7FEABFE1D1ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:21.2:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B70C784-534B-4FAA-A5ED-3709656E2B97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:21.2:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"60448FFB-568E-4280-9261-ADD65244F31A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:21.3:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"4EC38173-44AB-43D5-8C27-CB43AD5E0B2E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:21.3:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A4DD04A-DE52-46BE-8C34-8DB47F7500F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:21.3:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"FEE0E145-8E1C-446E-90ED-237E3B9CAF47\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:21.3:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F26369D-21B2-4C6A-98C1-492692A61283\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:21.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E907193-075E-45BC-9257-9607DB790D71\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:21.4:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B73A41D-3FF5-4E53-83FF-74DF58E0D6C3\"}]}]}],\"references\":[{\"url\":\"https://kb.juniper.net/JSA69717\",\"source\":\"sirt@juniper.net\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.