FKIE_CVE-2022-22153

Vulnerability from fkie_nvd - Published: 2022-01-19 01:15 - Updated: 2024-11-21 06:46
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
An Insufficient Algorithmic Complexity combined with an Allocation of Resources Without Limits or Throttling vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX Series and MX Series with SPC3 allows an unauthenticated network attacker to cause latency in transit packet processing and even packet loss. If transit traffic includes a significant percentage (> 5%) of fragmented packets which need to be reassembled, high latency or packet drops might be observed. This issue affects Juniper Networks Junos OS on SRX Series, MX Series with SPC3: All versions prior to 18.2R3; 18.3 versions prior to 18.3R3; 18.4 versions prior to 18.4R2-S9, 18.4R3; 19.1 versions prior to 19.1R2; 19.2 versions prior to 19.2R1-S1, 19.2R2.
References
sirt@juniper.nethttps://kb.juniper.net/JSA11261Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://kb.juniper.net/JSA11261Vendor Advisory
Impacted products
Vendor Product Version
juniper junos *
juniper junos 18.2
juniper junos 18.2
juniper junos 18.2
juniper junos 18.2
juniper junos 18.2
juniper junos 18.2
juniper junos 18.2
juniper junos 18.2
juniper junos 18.2
juniper junos 18.2
juniper junos 18.2
juniper junos 18.2
juniper junos 18.2
juniper junos 18.2
juniper junos 18.2
juniper junos 18.2
juniper junos 18.2
juniper junos 18.3
juniper junos 18.3
juniper junos 18.3
juniper junos 18.3
juniper junos 18.3
juniper junos 18.3
juniper junos 18.3
juniper junos 18.3
juniper junos 18.3
juniper junos 18.3
juniper junos 18.3
juniper junos 18.3
juniper junos 18.3
juniper junos 18.3
juniper junos 18.4
juniper junos 18.4
juniper junos 18.4
juniper junos 18.4
juniper junos 18.4
juniper junos 18.4
juniper junos 18.4
juniper junos 18.4
juniper junos 18.4
juniper junos 18.4
juniper junos 18.4
juniper junos 18.4
juniper junos 18.4
juniper junos 18.4
juniper junos 18.4
juniper junos 18.4
juniper junos 18.4
juniper junos 18.4
juniper junos 19.1
juniper junos 19.1
juniper junos 19.1
juniper junos 19.1
juniper junos 19.1
juniper junos 19.1
juniper junos 19.1
juniper junos 19.1
juniper junos 19.2
juniper junos 19.2
juniper mx10 -
juniper mx10000 -
juniper mx10003 -
juniper mx10008 -
juniper mx10016 -
juniper mx104 -
juniper mx150 -
juniper mx2008 -
juniper mx2010 -
juniper mx2020 -
juniper mx204 -
juniper mx240 -
juniper mx40 -
juniper mx480 -
juniper mx5 -
juniper mx80 -
juniper mx960 -
juniper srx100 -
juniper srx110 -
juniper srx1400 -
juniper srx1500 -
juniper srx210 -
juniper srx220 -
juniper srx240 -
juniper srx240h2 -
juniper srx300 -
juniper srx320 -
juniper srx340 -
juniper srx3400 -
juniper srx345 -
juniper srx3600 -
juniper srx380 -
juniper srx4000 -
juniper srx4100 -
juniper srx4200 -
juniper srx4600 -
juniper srx5000 -
juniper srx5400 -
juniper srx550 -
juniper srx550_hm -
juniper srx550m -
juniper srx5600 -
juniper srx5800 -
juniper srx650 -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E927B74-FBDA-4235-96D5-4E0735F3EDB3",
              "versionEndExcluding": "18.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "A8B5BD93-3C11-45D5-ACF0-7C4C01106C8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.2:r:*:*:*:*:*:*",
              "matchCriteriaId": "9359A058-6B77-4DEE-B28A-D5CD906EBAFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.2:r1:*:*:*:*:*:*",
              "matchCriteriaId": "167EEC4F-729E-47C2-B0F8-E8108CE3E985",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.2:r1:-:*:*:*:*:*",
              "matchCriteriaId": "90BF177D-A895-4D05-B674-B27420A5DC6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.2:r1-s2:*:*:*:*:*:*",
              "matchCriteriaId": "0070B31B-59DC-46E9-93E0-1E8BF3560BFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.2:r1-s3:*:*:*:*:*:*",
              "matchCriteriaId": "A893CCE5-96B8-44A1-ABEF-6AB9B527B2FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.2:r1-s4:*:*:*:*:*:*",
              "matchCriteriaId": "42203801-E2E7-4DCF-ABBB-D23A91B2A9FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.2:r1-s5:*:*:*:*:*:*",
              "matchCriteriaId": "238EC996-8E8C-4332-916F-09E54E6EBB9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.2:r2:*:*:*:*:*:*",
              "matchCriteriaId": "5F711936-33A1-47FC-A6A0-A63088915815",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.2:r2-s1:*:*:*:*:*:*",
              "matchCriteriaId": "21B7820C-01D2-401C-9E6D-C83994FD5961",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.2:r2-s2:*:*:*:*:*:*",
              "matchCriteriaId": "3D2FBD29-2CAC-41B4-9336-671373EF4A7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.2:r2-s3:*:*:*:*:*:*",
              "matchCriteriaId": "EEFCDA90-67E2-4AEF-800C-1D29A9121B8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.2:r2-s4:*:*:*:*:*:*",
              "matchCriteriaId": "74B99981-840F-4DAD-976A-5DAEFE9FB93D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.2:r2-s5:*:*:*:*:*:*",
              "matchCriteriaId": "BDD3ADB9-35FF-41D3-92BD-98D6D4826B03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.2:r2-s6:*:*:*:*:*:*",
              "matchCriteriaId": "341F2459-8335-40E9-A2B3-BE804D319F95",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.2:r2-s7:*:*:*:*:*:*",
              "matchCriteriaId": "0CD17956-8E8C-489D-927A-5709C05EA705",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.2:r2-s8:*:*:*:*:*:*",
              "matchCriteriaId": "27D9AEBC-2CA3-4E17-9543-D60B10BA2AE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.3:-:*:*:*:*:*:*",
              "matchCriteriaId": "1BB9C2BB-D20B-41E9-B75F-7FAD9ECCDB99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.3:r:*:*:*:*:*:*",
              "matchCriteriaId": "1B40785E-8A3C-4087-B2B9-9A2E4BEFF421",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.3:r1:*:*:*:*:*:*",
              "matchCriteriaId": "5342C3DC-D640-47AB-BD76-3444852988A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.3:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "8AB8585E-EDC6-4400-BEE3-3A6A7C922C90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.3:r1-s2:*:*:*:*:*:*",
              "matchCriteriaId": "A2ABC574-B3FC-4025-B50D-7F9EEB28C806",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.3:r1-s3:*:*:*:*:*:*",
              "matchCriteriaId": "6F6EAFC3-C3AC-4361-8530-39FCF89702F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.3:r1-s4:*:*:*:*:*:*",
              "matchCriteriaId": "92FB1BF6-8852-45D8-817C-36CDBE730801",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.3:r1-s5:*:*:*:*:*:*",
              "matchCriteriaId": "6B363298-315C-4FD5-9417-C5B82883A224",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.3:r1-s6:*:*:*:*:*:*",
              "matchCriteriaId": "EB08FF7B-01F5-4A19-858E-E2CD19D61A62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.3:r2:*:*:*:*:*:*",
              "matchCriteriaId": "B7A3FBD3-5399-42A9-9BD9-E3C981CBD6DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.3:r2-s1:*:*:*:*:*:*",
              "matchCriteriaId": "4EBD361C-8B4D-43EF-8B82-9FE165D8206E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.3:r2-s2:*:*:*:*:*:*",
              "matchCriteriaId": "6E7539C4-6208-43EB-9A0B-4852D0CE0FA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.3:r2-s3:*:*:*:*:*:*",
              "matchCriteriaId": "35299B02-DC75-458D-B86D-8A0DB95B06AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.3:r2-s4:*:*:*:*:*:*",
              "matchCriteriaId": "9BAC3EF2-3339-4E3C-9C6D-E854EBBDEF9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:-:*:*:*:*:*:*",
              "matchCriteriaId": "74CA9010-D3DE-487B-B46F-589A48AB0F0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r1:*:*:*:*:*:*",
              "matchCriteriaId": "A38F224C-8E9B-44F3-9D4F-6C9F04F57927",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "853F146A-9A0F-49B6-AFD2-9907434212F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s2:*:*:*:*:*:*",
              "matchCriteriaId": "8F73B88B-E66C-4ACD-B38D-9365FB230ABA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s3:*:*:*:*:*:*",
              "matchCriteriaId": "EE1F82EC-3222-4158-8923-59CDA1909A9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s4:*:*:*:*:*:*",
              "matchCriteriaId": "8FE95D15-B5E5-4E74-9464-C72D8B646A6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s5:*:*:*:*:*:*",
              "matchCriteriaId": "C012CD07-706A-4E1C-B399-C55AEF5C8309",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s6:*:*:*:*:*:*",
              "matchCriteriaId": "A0C26E59-874A-4D87-9E7F-E366F4D65ED1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s7:*:*:*:*:*:*",
              "matchCriteriaId": "75902119-60D0-49F8-8E01-666E0F75935A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r2:*:*:*:*:*:*",
              "matchCriteriaId": "D59D7A31-128B-4034-862B-8EF3CE3EE949",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r2-s1:*:*:*:*:*:*",
              "matchCriteriaId": "0C5E097B-B79E-4E6A-9291-C8CB9674FED5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r2-s2:*:*:*:*:*:*",
              "matchCriteriaId": "819FA3ED-F934-4B20-BC0E-D638ACCB7787",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r2-s3:*:*:*:*:*:*",
              "matchCriteriaId": "3D7D773A-4988-4D7C-A105-1885EBE14426",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r2-s4:*:*:*:*:*:*",
              "matchCriteriaId": "1BD93674-9375-493E-BD6C-8AD41CC75DD4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r2-s5:*:*:*:*:*:*",
              "matchCriteriaId": "34E28FD9-1089-42F7-8586-876DBEC965DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r2-s6:*:*:*:*:*:*",
              "matchCriteriaId": "B7E72C49-1849-4A6F-81BC-D03F06D47D6D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r2-s7:*:*:*:*:*:*",
              "matchCriteriaId": "541535BD-20DC-4489-91A7-F6CBC6802352",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r2-s8:*:*:*:*:*:*",
              "matchCriteriaId": "924C4EAC-2A52-45A9-BE0F-B62F070C3E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "768C0EB7-8456-4BF4-8598-3401A54D21DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "5332B70A-F6B0-4C3B-90E2-5CBFB3326126",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.1:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "81439FE8-5405-45C2-BC04-9823D2009A77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.1:r1-s2:*:*:*:*:*:*",
              "matchCriteriaId": "E506138D-043E-485D-B485-94A2AB75F8E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.1:r1-s3:*:*:*:*:*:*",
              "matchCriteriaId": "0EF3C901-3599-463F-BEFB-8858768DC195",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.1:r1-s4:*:*:*:*:*:*",
              "matchCriteriaId": "CD806778-A995-4A9B-9C05-F4D7B1CB1F7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.1:r1-s5:*:*:*:*:*:*",
              "matchCriteriaId": "02B42BE8-1EF2-47F7-9F10-DE486A017EED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.1:r1-s6:*:*:*:*:*:*",
              "matchCriteriaId": "0B372356-D146-420B-95C3-381D0383B595",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "0E7545CE-6300-4E81-B5AF-2BE150C1B190",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.2:r1:*:*:*:*:*:*",
              "matchCriteriaId": "4CA3060F-1800-4A06-A453-FB8CE4B65312",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:juniper:mx10:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "52699E2B-450A-431C-81E3-DC4483C8B4F2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:mx10000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D97AF6F8-3D50-4D35-BCB1-54E3BEC69B9F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:mx10003:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5627740-42E3-4FB1-B8B9-0B768AFFA1EC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:mx10008:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6F0EA2F-BF7E-45D0-B2B4-8A7B67A9475A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:mx10016:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C39DA74D-F5C7-4C11-857D-50631A110644",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:mx104:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F72C850A-0530-4DB7-A553-7E19F82122B5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:mx150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FE2089C-F341-4DC1-B76D-633BC699306D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:mx2008:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FEF33EB-B2E0-42EF-A1BB-D41021B6D08F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:mx2010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "27175D9A-CA2C-4218-8042-835E25DFCA43",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:mx2020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "00C7FC57-8ACF-45AA-A227-7E3B350FD24F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:mx204:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2754C2DF-DF6E-4109-9463-38B4E0465B77",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:mx240:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4A26704-A6A4-4C4F-9E12-A0A0259491EF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:mx40:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C982A2FF-A1F9-4830-BAB6-77CFCE1F093F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:mx480:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "104858BD-D31D-40E0-8524-2EC311F10EAC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:mx5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B557965-0040-4048-B56C-F564FF28635B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:mx80:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB875EBD-A3CD-4466-B2A3-39D47FF94592",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:mx960:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5E08E1E-0FE4-4294-9497-BBFFECA2A220",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx240h2:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E020556B-693F-4963-BA43-3164AB50FA49",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx380:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2305DA9D-E6BA-48F4-80CF-9E2DE7661B2F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx4000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "06A03463-6B1D-4DBA-9E89-CAD5E899B98B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx5000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5ABA347C-3EF3-4F75-B4D1-54590A57C2BC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "06685D0E-A075-49A5-9EF4-34F0F795C8C6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx550m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "52F0B735-8C49-4B08-950A-296C9CDE43CA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An Insufficient Algorithmic Complexity combined with an Allocation of Resources Without Limits or Throttling vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX Series and MX Series with SPC3 allows an unauthenticated network attacker to cause latency in transit packet processing and even packet loss. If transit traffic includes a significant percentage (\u003e 5%) of fragmented packets which need to be reassembled, high latency or packet drops might be observed. This issue affects Juniper Networks Junos OS on SRX Series, MX Series with SPC3: All versions prior to 18.2R3; 18.3 versions prior to 18.3R3; 18.4 versions prior to 18.4R2-S9, 18.4R3; 19.1 versions prior to 19.1R2; 19.2 versions prior to 19.2R1-S1, 19.2R2."
    },
    {
      "lang": "es",
      "value": "Una Complejidad Algor\u00edtmica no Suficiente Combinada con una vulnerabilidad de Asignaci\u00f3n de Recursos sin L\u00edmites o Estrangulamiento en el demonio de procesamiento de flujos (flowd) de Junos OS de Juniper Networks en las series SRX y MX con SPC3 permite a un atacante de red no autenticado causar latencia en el procesamiento de paquetes en tr\u00e1nsito e incluso la p\u00e9rdida de paquetes. Si el tr\u00e1fico de tr\u00e1nsito incluye un porcentaje significativo (m\u00e1s del 5%) de paquetes fragmentados que deben volver a ensamblarse, puede observarse una alta latencia o p\u00e9rdidas de paquetes. Este problema afecta a Juniper Networks Junos OS en las series SRX y MX con SPC3: todas las versiones anteriores a 18.2R3; versiones 18.3 anteriores a 18.3R3; versiones 18.4 anteriores a 18.4R2-S9, 18.4R3; versiones 19.1 anteriores a 19.1R2; versiones 19.2 anteriores a 19.2R1-S1, versi\u00f3n 19.2R2"
    }
  ],
  "id": "CVE-2022-22153",
  "lastModified": "2024-11-21T06:46:15.933",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "sirt@juniper.net",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-01-19T01:15:08.197",
  "references": [
    {
      "source": "sirt@juniper.net",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.juniper.net/JSA11261"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://kb.juniper.net/JSA11261"
    }
  ],
  "sourceIdentifier": "sirt@juniper.net",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-407"
        },
        {
          "lang": "en",
          "value": "CWE-770"
        }
      ],
      "source": "sirt@juniper.net",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.