Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2022-AVI-350
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans Juniper Junos OS et Junos OS Evolved. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Juniper Networks | Junos OS Evolved | Junos OS Evolved versions antérieures à 20.1R3, 20.2R3, 20.3R2, 20.4R1, 20.4R2-S3-EVO, 20.4R3-S3-EVO, 21.1R3-S1-EVO, 21.2R2-EVO, 21.2R3-EVO, 21.3R1-EVO, 21.3R2-EVO, 21.4R1-EVO, 21.4R2-EVO, 22.1R1-EVO | ||
| Juniper Networks | Junos OS Evolved | JunosOS versions antérieures à 12.3R12-S19, 15.1R7-S10, 17.3R3-S11, 17.4R2-S13, 17.4R3-S4, 18.3R3-S5, 18.4R1-S8, 18.4R2-S10, 18.4R3-S9, 19.1R2-S3, 19.1R3-S8, 19.2R1-S8, 19.2R3-S5, 19.3R2-S6, 19.3R3-S5, 19.4R1-S4, 19.4R2-S6, 19.4R3-S7, 20.1R2, 20.1R3-S4, 20.2R2, 20.2R3-S4, 20.3R1-S2, 20.3R2, 20.3R3-S3, 20.4R1, 20.4R2-S2, 20.4R3-S2, 21.1R1-S1, 21.1R2-S1, 21.1R3-S1, 21.2R1-S1, 21.2R2, 21.2R3, 21.3R1, 21.3R2, 21.4R2, 22.1R1 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Junos OS Evolved versions ant\u00e9rieures \u00e0 20.1R3, 20.2R3, 20.3R2, 20.4R1, 20.4R2-S3-EVO, 20.4R3-S3-EVO, 21.1R3-S1-EVO, 21.2R2-EVO, 21.2R3-EVO, 21.3R1-EVO, 21.3R2-EVO, 21.4R1-EVO, 21.4R2-EVO, 22.1R1-EVO",
"product": {
"name": "Junos OS Evolved",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "JunosOS versions ant\u00e9rieures \u00e0 12.3R12-S19, 15.1R7-S10, 17.3R3-S11, 17.4R2-S13, 17.4R3-S4, 18.3R3-S5, 18.4R1-S8, 18.4R2-S10, 18.4R3-S9, 19.1R2-S3, 19.1R3-S8, 19.2R1-S8, 19.2R3-S5, 19.3R2-S6, 19.3R3-S5, 19.4R1-S4, 19.4R2-S6, 19.4R3-S7, 20.1R2, 20.1R3-S4, 20.2R2, 20.2R3-S4, 20.3R1-S2, 20.3R2, 20.3R3-S3, 20.4R1, 20.4R2-S2, 20.4R3-S2, 21.1R1-S1, 21.1R2-S1, 21.1R3-S1, 21.2R1-S1, 21.2R2, 21.2R3, 21.3R1, 21.3R2, 21.4R2, 22.1R1",
"product": {
"name": "Junos OS Evolved",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2022-22193",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22193"
},
{
"name": "CVE-2022-22198",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22198"
},
{
"name": "CVE-2022-22197",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22197"
},
{
"name": "CVE-2022-22194",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22194"
},
{
"name": "CVE-2022-22186",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22186"
},
{
"name": "CVE-2022-22196",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22196"
},
{
"name": "CVE-2022-22181",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22181"
},
{
"name": "CVE-2022-22188",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22188"
},
{
"name": "CVE-2022-22182",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22182"
},
{
"name": "CVE-2022-22183",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22183"
},
{
"name": "CVE-2022-22195",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22195"
}
],
"initial_release_date": "2022-04-15T00:00:00",
"last_revision_date": "2022-04-15T00:00:00",
"links": [],
"reference": "CERTFR-2022-AVI-350",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-04-15T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Juniper Junos OS et\nJunos OS Evolved. Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de\nservice \u00e0 distance et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Juniper Junos OS et Junos OS Evolved",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69505 du 13 avril 2022",
"url": "https://supportportal.juniper.net/s/article/2022-04-Security-Bulletin-Junos-OS-Evolved-PTX-series-An-attacker-sending-a-crafted-GRE-packet-will-cause-the-PFE-to-restart-CVE-2022-22194?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69519 du 13 avril 2022",
"url": "https://supportportal.juniper.net/s/article/2022-04-Security-Bulletin-Junos-OS-A-XSS-vulnerability-allows-an-attacker-to-execute-commands-on-a-target-J-Web-session-CVE-2022-22182?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69517 du 13 avril 2022",
"url": "https://supportportal.juniper.net/s/article/2022-04-Security-Bulletin-Junos-OS-J-Web-can-be-compromised-through-reflected-XSS-attacks-CVE-2022-22181?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69516 du 13 avril 2022",
"url": "https://supportportal.juniper.net/s/article/2022-04-Security-Bulletin-Junos-OS-Evolved-A-remote-attacker-may-cause-a-CPU-Denial-of-Service-by-sending-genuine-traffic-to-a-device-on-a-specific-IPv4-port-CVE-2022-22183?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69511 du 13 avril 2022",
"url": "https://supportportal.juniper.net/s/article/2022-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-An-rpd-core-will-be-observed-with-proxy-BGP-route-target-filtering-enabled-and-certain-route-add-and-delete-event-happening-CVE-2022-22197?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69513 du 13 avril 2022",
"url": "https://supportportal.juniper.net/s/article/2022-04-Security-Bulletin-Junos-OS-MS-MPC-or-MS-MIC-or-SPC-crashes-if-it-receives-a-SIP-message-with-a-specific-contact-header-format-CVE-2022-22198?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69509 du 13 avril 2022",
"url": "https://supportportal.juniper.net/s/article/2022-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-The-rpd-CPU-spikes-to-100-after-a-malformed-ISIS-TLV-has-been-received-CVE-2022-22196?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69497 du 13 avril 2022",
"url": "https://supportportal.juniper.net/s/article/2022-04-Security-Bulletin-Junos-OS-QFX5100-QFX5110-QFX5120-QFX5200-QFX5210-EX4600-EX4650-Series-When-storm-control-profiling-is-enabled-and-a-device-is-under-an-active-storm-a-Heap-based-Buffer-Overflow-in-the-PFE-will-cause-a-device-hang-CVE-2022-22188?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69508 du 13 avril 2022",
"url": "https://supportportal.juniper.net/s/article/2022-04-Security-Bulletin-Junos-OS-Evolved-Specific-packets-reaching-the-RE-lead-to-a-counter-overflow-and-eventually-a-crash-CVE-2022-22195?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69503 du 13 avril 2022",
"url": "https://supportportal.juniper.net/s/article/2022-04-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-In-a-BGP-rib-sharding-scenario-when-a-certain-CLI-command-is-executed-the-rpd-process-might-crash-CVE-2022-22193?language=en_US"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA69494 du 13 avril 2022",
"url": "https://supportportal.juniper.net/s/article/2022-04-Security-Bulletin-Junos-OS-EX4650-Series-Certain-traffic-received-by-the-Junos-OS-device-on-the-management-interface-may-be-forwarded-to-egress-interfaces-instead-of-discarded-CVE-2022-22186?language=en_US"
}
]
}
CVE-2022-22188 (GCVE-0-2022-22188)
Vulnerability from cvelistv5
Published
2022-04-14 15:50
Modified
2024-09-16 16:57
Severity ?
VLAI Severity ?
EPSS score ?
Summary
An Uncontrolled Memory Allocation vulnerability leading to a Heap-based Buffer Overflow in the packet forwarding engine (PFE) of Juniper Networks Junos OS allows a network-based unauthenticated attacker to flood the device with traffic leading to a Denial of Service (DoS). The device must be configured with storm control profiling limiting the number of unknown broadcast, multicast, or unicast traffic to be vulnerable to this issue. This issue affects: Juniper Networks Junos OS on QFX5100/QFX5110/QFX5120/QFX5200/QFX5210/EX4600/EX4650 Series; 20.2 version 20.2R1 and later versions prior to 20.2R2. This issue does not affect: Juniper Networks Junos OS versions prior to 20.2R1.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Juniper Networks | Junos OS |
Patch: unspecified < 20.2R1 Version: 20.2R1 < 20.2* |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:07:49.863Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/JSA69497"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"QFX5100/QFX5110/QFX5120/QFX5200/QFX5210/EX4600/EX4650 Series"
],
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "20.2R1",
"status": "unaffected",
"version": "unspecified",
"versionType": "custom"
},
{
"changes": [
{
"at": "20.2R2",
"status": "unaffected"
}
],
"lessThan": "20.2*",
"status": "affected",
"version": "20.2R1",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "The following is an example of the configuration required to be impacted by this issue. \nPlease refer to your documentation for specific configuration guidance:\n\n set interfaces xe-0/0/9:1 unit 0 family ethernet-switching interface-mode trunk\n set interfaces xe-0/0/9:1 unit 0 family ethernet-switching vlan members 100\n set interfaces xe-0/0/9:1 unit 0 family ethernet-switching storm-control sc\n set forwarding-options storm-control-profiles sc all\n set forwarding-options storm-control-profiles sc action-shutdown\n set vlans vlan100 vlan-id 100"
}
],
"datePublic": "2022-04-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An Uncontrolled Memory Allocation vulnerability leading to a Heap-based Buffer Overflow in the packet forwarding engine (PFE) of Juniper Networks Junos OS allows a network-based unauthenticated attacker to flood the device with traffic leading to a Denial of Service (DoS). The device must be configured with storm control profiling limiting the number of unknown broadcast, multicast, or unicast traffic to be vulnerable to this issue. This issue affects: Juniper Networks Junos OS on QFX5100/QFX5110/QFX5120/QFX5200/QFX5210/EX4600/EX4650 Series; 20.2 version 20.2R1 and later versions prior to 20.2R2. This issue does not affect: Juniper Networks Junos OS versions prior to 20.2R1."
}
],
"exploits": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-789",
"description": "CWE-789 Uncontrolled Memory Allocation",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122 Heap-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-14T15:50:47",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/JSA69497"
}
],
"solutions": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: 20.2R2, 20.3R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA69497",
"defect": [
"1525821"
],
"discovery": "INTERNAL"
},
"title": "Junos OS: QFX5100/QFX5110/QFX5120/QFX5200/QFX5210/EX4600/EX4650 Series: When storm control profiling is enabled and a device is under an active storm, a Heap-based Buffer Overflow in the PFE will cause a device to hang.",
"workarounds": [
{
"lang": "en",
"value": "There are no viable workarounds for this issue."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2022-04-13T16:00:00.000Z",
"ID": "CVE-2022-22188",
"STATE": "PUBLIC",
"TITLE": "Junos OS: QFX5100/QFX5110/QFX5120/QFX5200/QFX5210/EX4600/EX4650 Series: When storm control profiling is enabled and a device is under an active storm, a Heap-based Buffer Overflow in the PFE will cause a device to hang."
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"platform": "QFX5100/QFX5110/QFX5120/QFX5200/QFX5210/EX4600/EX4650 Series",
"version_affected": "!\u003c",
"version_value": "20.2R1"
},
{
"platform": "QFX5100/QFX5110/QFX5120/QFX5200/QFX5210/EX4600/EX4650 Series",
"version_affected": "\u003e=",
"version_name": "20.2",
"version_value": "20.2R1"
},
{
"platform": "QFX5100/QFX5110/QFX5120/QFX5200/QFX5210/EX4600/EX4650 Series",
"version_affected": "\u003c",
"version_name": "20.2",
"version_value": "20.2R2"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "en",
"value": "The following is an example of the configuration required to be impacted by this issue. \nPlease refer to your documentation for specific configuration guidance:\n\n set interfaces xe-0/0/9:1 unit 0 family ethernet-switching interface-mode trunk\n set interfaces xe-0/0/9:1 unit 0 family ethernet-switching vlan members 100\n set interfaces xe-0/0/9:1 unit 0 family ethernet-switching storm-control sc\n set forwarding-options storm-control-profiles sc all\n set forwarding-options storm-control-profiles sc action-shutdown\n set vlans vlan100 vlan-id 100"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Uncontrolled Memory Allocation vulnerability leading to a Heap-based Buffer Overflow in the packet forwarding engine (PFE) of Juniper Networks Junos OS allows a network-based unauthenticated attacker to flood the device with traffic leading to a Denial of Service (DoS). The device must be configured with storm control profiling limiting the number of unknown broadcast, multicast, or unicast traffic to be vulnerable to this issue. This issue affects: Juniper Networks Junos OS on QFX5100/QFX5110/QFX5120/QFX5200/QFX5210/EX4600/EX4650 Series; 20.2 version 20.2R1 and later versions prior to 20.2R2. This issue does not affect: Juniper Networks Junos OS versions prior to 20.2R1."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-789 Uncontrolled Memory Allocation"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-122 Heap-based Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA69497",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA69497"
}
]
},
"solution": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: 20.2R2, 20.3R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA69497",
"defect": [
"1525821"
],
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "There are no viable workarounds for this issue."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2022-22188",
"datePublished": "2022-04-14T15:50:47.811194Z",
"dateReserved": "2021-12-21T00:00:00",
"dateUpdated": "2024-09-16T16:57:36.592Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-22195 (GCVE-0-2022-22195)
Vulnerability from cvelistv5
Published
2022-04-14 15:50
Modified
2024-09-16 23:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-911 - Improper Update of Reference Count
- Denial of Service (DoS)
Summary
An Improper Update of Reference Count vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to trigger a counter overflow, eventually causing a Denial of Service (DoS). This issue affects Juniper Networks Junos OS Evolved: All versions prior to 20.4R3-S1-EVO; 21.1 versions prior to 21.1R3-EVO; 21.2 versions prior to 21.2R3-EVO; 21.3 versions prior to 21.3R2-EVO. This issue does not affect Juniper Networks Junos OS.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Juniper Networks | Junos OS Evolved |
Version: unspecified < 20.4R3-S1-EVO Version: 21.1 < 21.1R3-EVO Version: 21.2 < 21.2R3-EVO Version: 21.3 < 21.3R2-EVO |
||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:07:49.890Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/JSA69508"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Junos OS Evolved",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "20.4R3-S1-EVO",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "21.1R3-EVO",
"status": "affected",
"version": "21.1",
"versionType": "custom"
},
{
"lessThan": "21.2R3-EVO",
"status": "affected",
"version": "21.2",
"versionType": "custom"
},
{
"lessThan": "21.3R2-EVO",
"status": "affected",
"version": "21.3",
"versionType": "custom"
}
]
},
{
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"status": "unaffected",
"version": "any"
}
]
}
],
"datePublic": "2022-04-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An Improper Update of Reference Count vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to trigger a counter overflow, eventually causing a Denial of Service (DoS). This issue affects Juniper Networks Junos OS Evolved: All versions prior to 20.4R3-S1-EVO; 21.1 versions prior to 21.1R3-EVO; 21.2 versions prior to 21.2R3-EVO; 21.3 versions prior to 21.3R2-EVO. This issue does not affect Juniper Networks Junos OS."
}
],
"exploits": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-911",
"description": "CWE-911 Improper Update of Reference Count",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"description": "Denial of Service (DoS)",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-14T15:50:56",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/JSA69508"
}
],
"solutions": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: 20.4R3-S1-EVO, 21.1R3-EVO, 21.2R3-EVO, 21.3R2-EVO, 21.4R1-EVO, and all subsequent releases."
}
],
"source": {
"advisory": "JSA69508",
"defect": [
"1607769"
],
"discovery": "USER"
},
"title": "Junos OS Evolved: Specific packets reaching the RE lead to a counter overflow and eventually a crash",
"workarounds": [
{
"lang": "en",
"value": "There are no viable workarounds for this issue.\n\nTo reduce the risk of exploitation of this issue, use access lists or firewall filters to limit access to only trusted networks, hosts and users."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2022-04-13T16:00:00.000Z",
"ID": "CVE-2022-22195",
"STATE": "PUBLIC",
"TITLE": "Junos OS Evolved: Specific packets reaching the RE lead to a counter overflow and eventually a crash"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS Evolved",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20.4R3-S1-EVO"
},
{
"version_affected": "\u003c",
"version_name": "21.1",
"version_value": "21.1R3-EVO"
},
{
"version_affected": "\u003c",
"version_name": "21.2",
"version_value": "21.2R3-EVO"
},
{
"version_affected": "\u003c",
"version_name": "21.3",
"version_value": "21.3R2-EVO"
}
]
}
},
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"version_affected": "!",
"version_value": "any"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Improper Update of Reference Count vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to trigger a counter overflow, eventually causing a Denial of Service (DoS). This issue affects Juniper Networks Junos OS Evolved: All versions prior to 20.4R3-S1-EVO; 21.1 versions prior to 21.1R3-EVO; 21.2 versions prior to 21.2R3-EVO; 21.3 versions prior to 21.3R2-EVO. This issue does not affect Juniper Networks Junos OS."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-911 Improper Update of Reference Count"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (DoS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA69508",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA69508"
}
]
},
"solution": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: 20.4R3-S1-EVO, 21.1R3-EVO, 21.2R3-EVO, 21.3R2-EVO, 21.4R1-EVO, and all subsequent releases."
}
],
"source": {
"advisory": "JSA69508",
"defect": [
"1607769"
],
"discovery": "USER"
},
"work_around": [
{
"lang": "en",
"value": "There are no viable workarounds for this issue.\n\nTo reduce the risk of exploitation of this issue, use access lists or firewall filters to limit access to only trusted networks, hosts and users."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2022-22195",
"datePublished": "2022-04-14T15:50:56.689607Z",
"dateReserved": "2021-12-21T00:00:00",
"dateUpdated": "2024-09-16T23:11:31.592Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-22193 (GCVE-0-2022-22193)
Vulnerability from cvelistv5
Published
2022-04-14 15:50
Modified
2024-09-17 02:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-241 - Improper Handling of Unexpected Data Type
- Denial of Service (DoS)
Summary
An Improper Handling of Unexpected Data Type vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). Continued execution of this command might cause a sustained Denial of Service condition. If BGP rib sharding is configured and a certain CLI command is executed the rpd process can crash. During the rpd crash and restart, the routing protocols might be impacted and traffic disruption might be seen due to the loss of routing information. This issue affects: Juniper Networks Junos OS 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R2. Juniper Networks Junos OS Evolved 20.4 versions prior to 20.4R3-EVO; 21.1 versions prior to 21.1R3-EVO; 21.2 versions prior to 21.2R2-EVO. This issue does not affect: Juniper Networks Junos OS versions prior to 20.3R1. Juniper Networks Junos OS Evolved versions prior to 20.3R1-EVO.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Juniper Networks | Junos OS |
Patch: unspecified < 20.3R1 Version: 20.3 < 20.3R3-S1 Version: 20.4 < 20.4R3 Version: 21.1 < 21.1R3 Version: 21.2 < 21.2R2 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:07:49.838Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/JSA69503"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "20.3R1",
"status": "unaffected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "20.3R3-S1",
"status": "affected",
"version": "20.3",
"versionType": "custom"
},
{
"lessThan": "20.4R3",
"status": "affected",
"version": "20.4",
"versionType": "custom"
},
{
"lessThan": "21.1R3",
"status": "affected",
"version": "21.1",
"versionType": "custom"
},
{
"lessThan": "21.2R2",
"status": "affected",
"version": "21.2",
"versionType": "custom"
}
]
},
{
"product": "Junos OS Evolved",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "20.3R1-EVO",
"status": "unaffected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "20.4R3-EVO",
"status": "affected",
"version": "20.4",
"versionType": "custom"
},
{
"lessThan": "21.1R3-EVO",
"status": "affected",
"version": "21.1",
"versionType": "custom"
},
{
"lessThan": "21.2R2-EVO",
"status": "affected",
"version": "21.2",
"versionType": "custom"
},
{
"lessThan": "20.3*",
"status": "affected",
"version": "20.3R1-EVO",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "To be affected by this issue BGP rib sharing needs to be configured:\n\n [ system processes routing bgp rib-sharding ]"
}
],
"datePublic": "2022-04-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An Improper Handling of Unexpected Data Type vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). Continued execution of this command might cause a sustained Denial of Service condition. If BGP rib sharding is configured and a certain CLI command is executed the rpd process can crash. During the rpd crash and restart, the routing protocols might be impacted and traffic disruption might be seen due to the loss of routing information. This issue affects: Juniper Networks Junos OS 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R2. Juniper Networks Junos OS Evolved 20.4 versions prior to 20.4R3-EVO; 21.1 versions prior to 21.1R3-EVO; 21.2 versions prior to 21.2R2-EVO. This issue does not affect: Juniper Networks Junos OS versions prior to 20.3R1. Juniper Networks Junos OS Evolved versions prior to 20.3R1-EVO."
}
],
"exploits": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-241",
"description": "CWE-241 Improper Handling of Unexpected Data Type",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"description": "Denial of Service (DoS)",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-14T15:50:53",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/JSA69503"
}
],
"solutions": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: \nJunos OS Evolved: 20.4R3-EVO, 21.1R3-EVO, 21.2R2-EVO, 21.3R1-EVO, and all subsequent releases;\nJunos OS: 20.3R3-S1, 20.4R3, 21.1R3, 21.2R2, 21.3R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA69503",
"defect": [
"1600866"
],
"discovery": "INTERNAL"
},
"title": "Junos OS and Junos OS Evolved: In a BGP rib-sharding scenario when a certain CLI command is executed the rpd process might crash",
"workarounds": [
{
"lang": "en",
"value": "There are no viable workarounds for this issue."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2022-04-13T16:00:00.000Z",
"ID": "CVE-2022-22193",
"STATE": "PUBLIC",
"TITLE": "Junos OS and Junos OS Evolved: In a BGP rib-sharding scenario when a certain CLI command is executed the rpd process might crash"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "20.3",
"version_value": "20.3R3-S1"
},
{
"version_affected": "\u003c",
"version_name": "20.4",
"version_value": "20.4R3"
},
{
"version_affected": "\u003c",
"version_name": "21.1",
"version_value": "21.1R3"
},
{
"version_affected": "\u003c",
"version_name": "21.2",
"version_value": "21.2R2"
},
{
"version_affected": "!\u003c",
"version_value": "20.3R1"
}
]
}
},
{
"product_name": "Junos OS Evolved",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "20.4",
"version_value": "20.4R3-EVO"
},
{
"version_affected": "\u003c",
"version_name": "21.1",
"version_value": "21.1R3-EVO"
},
{
"version_affected": "\u003c",
"version_name": "21.2",
"version_value": "21.2R2-EVO"
},
{
"version_affected": "!\u003c",
"version_value": "20.3R1-EVO"
},
{
"version_affected": "\u003e=",
"version_name": "20.3",
"version_value": "20.3R1-EVO"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "en",
"value": "To be affected by this issue BGP rib sharing needs to be configured:\n\n [ system processes routing bgp rib-sharding ]"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Improper Handling of Unexpected Data Type vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). Continued execution of this command might cause a sustained Denial of Service condition. If BGP rib sharding is configured and a certain CLI command is executed the rpd process can crash. During the rpd crash and restart, the routing protocols might be impacted and traffic disruption might be seen due to the loss of routing information. This issue affects: Juniper Networks Junos OS 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R2. Juniper Networks Junos OS Evolved 20.4 versions prior to 20.4R3-EVO; 21.1 versions prior to 21.1R3-EVO; 21.2 versions prior to 21.2R2-EVO. This issue does not affect: Juniper Networks Junos OS versions prior to 20.3R1. Juniper Networks Junos OS Evolved versions prior to 20.3R1-EVO."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-241 Improper Handling of Unexpected Data Type"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (DoS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA69503",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA69503"
}
]
},
"solution": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: \nJunos OS Evolved: 20.4R3-EVO, 21.1R3-EVO, 21.2R2-EVO, 21.3R1-EVO, and all subsequent releases;\nJunos OS: 20.3R3-S1, 20.4R3, 21.1R3, 21.2R2, 21.3R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA69503",
"defect": [
"1600866"
],
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "There are no viable workarounds for this issue."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2022-22193",
"datePublished": "2022-04-14T15:50:53.728016Z",
"dateReserved": "2021-12-21T00:00:00",
"dateUpdated": "2024-09-17T02:06:34.600Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-22182 (GCVE-0-2022-22182)
Vulnerability from cvelistv5
Published
2022-04-14 15:50
Modified
2024-09-16 17:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Cross-site Scripting (XSS)
Summary
A Cross-site Scripting (XSS) vulnerability in Juniper Networks Junos OS J-Web allows an attacker to construct a URL that when visited by another user enables the attacker to execute commands with the target's permissions, including an administrator. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S19; 15.1 versions prior to 15.1R7-S10; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R2-S10, 18.4R3-S9; 19.1 versions prior to 19.1R2-S3, 19.1R3-S6; 19.2 versions prior to 19.2R1-S8, 19.2R3-S3; 19.3 versions prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R3-S5; 20.1 versions prior to 20.1R3-S2; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R2-S2, 20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2; 21.2 versions prior to 21.2R1-S1, 21.2R2.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Juniper Networks | Junos OS |
Version: 12.3 < 12.3R12-S19 Version: 15.1 < 15.1R7-S10 Version: 18.3 < 18.3R3-S5 Version: 18.4 < 18.4R2-S10, 18.4R3-S9 Version: 19.1 < 19.1R2-S3, 19.1R3-S6 Version: 19.2 < 19.2R1-S8, 19.2R3-S3 Version: 19.3 < 19.3R2-S6, 19.3R3-S3 Version: 19.4 < 19.4R3-S5 Version: 20.1 < 20.1R3-S2 Version: 20.2 < 20.2R3-S2 Version: 20.3 < 20.3R3 Version: 20.4 < 20.4R2-S2, 20.4R3 Version: 21.1 < 21.1R1-S1, 21.1R2 Version: 21.2 < 21.2R1-S1, 21.2R2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:07:50.048Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/JSA69519"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "12.3R12-S19",
"status": "affected",
"version": "12.3",
"versionType": "custom"
},
{
"lessThan": "15.1R7-S10",
"status": "affected",
"version": "15.1",
"versionType": "custom"
},
{
"lessThan": "18.3R3-S5",
"status": "affected",
"version": "18.3",
"versionType": "custom"
},
{
"lessThan": "18.4R2-S10, 18.4R3-S9",
"status": "affected",
"version": "18.4",
"versionType": "custom"
},
{
"lessThan": "19.1R2-S3, 19.1R3-S6",
"status": "affected",
"version": "19.1",
"versionType": "custom"
},
{
"lessThan": "19.2R1-S8, 19.2R3-S3",
"status": "affected",
"version": "19.2",
"versionType": "custom"
},
{
"lessThan": "19.3R2-S6, 19.3R3-S3",
"status": "affected",
"version": "19.3",
"versionType": "custom"
},
{
"lessThan": "19.4R3-S5",
"status": "affected",
"version": "19.4",
"versionType": "custom"
},
{
"lessThan": "20.1R3-S2",
"status": "affected",
"version": "20.1",
"versionType": "custom"
},
{
"lessThan": "20.2R3-S2",
"status": "affected",
"version": "20.2",
"versionType": "custom"
},
{
"lessThan": "20.3R3",
"status": "affected",
"version": "20.3",
"versionType": "custom"
},
{
"lessThan": "20.4R2-S2, 20.4R3",
"status": "affected",
"version": "20.4",
"versionType": "custom"
},
{
"lessThan": "21.1R1-S1, 21.1R2",
"status": "affected",
"version": "21.1",
"versionType": "custom"
},
{
"lessThan": "21.2R1-S1, 21.2R2",
"status": "affected",
"version": "21.2",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "The examples of the config stanza affected by this issue:\n\n [system services web-management]\n [system services web-management https]"
}
],
"datePublic": "2022-04-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A Cross-site Scripting (XSS) vulnerability in Juniper Networks Junos OS J-Web allows an attacker to construct a URL that when visited by another user enables the attacker to execute commands with the target\u0027s permissions, including an administrator. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S19; 15.1 versions prior to 15.1R7-S10; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R2-S10, 18.4R3-S9; 19.1 versions prior to 19.1R2-S3, 19.1R3-S6; 19.2 versions prior to 19.2R1-S8, 19.2R3-S3; 19.3 versions prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R3-S5; 20.1 versions prior to 20.1R3-S2; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R2-S2, 20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2; 21.2 versions prior to 21.2R1-S1, 21.2R2."
}
],
"exploits": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-14T15:50:38",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/JSA69519"
}
],
"solutions": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: 12.3R12-S19, 15.1R7-S10, 18.3R3-S5, 18.4R2-S10, 18.4R3-S9, 19.1R2-S3, 19.1R3-S6, 19.2R1-S8, 19.2R3-S3, 19.3R2-S6, 19.3R3-S3, 19.4R3-S5, 20.1R3-S2, 20.2R3-S2, 20.3R3, 20.4R2-S2, 20.4R3, 21.1R1-S1, 21.1R2, 21.2R1-S1, 21.2R2, 21.3R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA69519",
"defect": [
"1591626"
],
"discovery": "INTERNAL"
},
"title": "Junos OS: A XSS vulnerability allows an attacker to execute commands on a target J-Web session",
"workarounds": [
{
"lang": "en",
"value": "To reduce the risk of exploitation of this issue, use access lists or firewall filters to limit access to only trusted administrative networks, hosts and users.\n\nAlternatively, J-Web can be disabled."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2022-04-13T16:00:00.000Z",
"ID": "CVE-2022-22182",
"STATE": "PUBLIC",
"TITLE": "Junos OS: A XSS vulnerability allows an attacker to execute commands on a target J-Web session"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "12.3",
"version_value": "12.3R12-S19"
},
{
"version_affected": "\u003c",
"version_name": "15.1",
"version_value": "15.1R7-S10"
},
{
"version_affected": "\u003c",
"version_name": "18.3",
"version_value": "18.3R3-S5"
},
{
"version_affected": "\u003c",
"version_name": "18.4",
"version_value": "18.4R2-S10, 18.4R3-S9"
},
{
"version_affected": "\u003c",
"version_name": "19.1",
"version_value": "19.1R2-S3, 19.1R3-S6"
},
{
"version_affected": "\u003c",
"version_name": "19.2",
"version_value": "19.2R1-S8, 19.2R3-S3"
},
{
"version_affected": "\u003c",
"version_name": "19.3",
"version_value": "19.3R2-S6, 19.3R3-S3"
},
{
"version_affected": "\u003c",
"version_name": "19.4",
"version_value": "19.4R3-S5"
},
{
"version_affected": "\u003c",
"version_name": "20.1",
"version_value": "20.1R3-S2"
},
{
"version_affected": "\u003c",
"version_name": "20.2",
"version_value": "20.2R3-S2"
},
{
"version_affected": "\u003c",
"version_name": "20.3",
"version_value": "20.3R3"
},
{
"version_affected": "\u003c",
"version_name": "20.4",
"version_value": "20.4R2-S2, 20.4R3"
},
{
"version_affected": "\u003c",
"version_name": "21.1",
"version_value": "21.1R1-S1, 21.1R2"
},
{
"version_affected": "\u003c",
"version_name": "21.2",
"version_value": "21.2R1-S1, 21.2R2"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "en",
"value": "The examples of the config stanza affected by this issue:\n\n [system services web-management]\n [system services web-management https]"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Cross-site Scripting (XSS) vulnerability in Juniper Networks Junos OS J-Web allows an attacker to construct a URL that when visited by another user enables the attacker to execute commands with the target\u0027s permissions, including an administrator. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S19; 15.1 versions prior to 15.1R7-S10; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R2-S10, 18.4R3-S9; 19.1 versions prior to 19.1R2-S3, 19.1R3-S6; 19.2 versions prior to 19.2R1-S8, 19.2R3-S3; 19.3 versions prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R3-S5; 20.1 versions prior to 20.1R3-S2; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R2-S2, 20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2; 21.2 versions prior to 21.2R1-S1, 21.2R2."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA69519",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA69519"
}
]
},
"solution": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: 12.3R12-S19, 15.1R7-S10, 18.3R3-S5, 18.4R2-S10, 18.4R3-S9, 19.1R2-S3, 19.1R3-S6, 19.2R1-S8, 19.2R3-S3, 19.3R2-S6, 19.3R3-S3, 19.4R3-S5, 20.1R3-S2, 20.2R3-S2, 20.3R3, 20.4R2-S2, 20.4R3, 21.1R1-S1, 21.1R2, 21.2R1-S1, 21.2R2, 21.3R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA69519",
"defect": [
"1591626"
],
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "To reduce the risk of exploitation of this issue, use access lists or firewall filters to limit access to only trusted administrative networks, hosts and users.\n\nAlternatively, J-Web can be disabled."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2022-22182",
"datePublished": "2022-04-14T15:50:39.024875Z",
"dateReserved": "2021-12-21T00:00:00",
"dateUpdated": "2024-09-16T17:03:27.545Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-22186 (GCVE-0-2022-22186)
Vulnerability from cvelistv5
Published
2022-04-14 15:50
Modified
2024-09-16 18:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-665 - Improper Initialization
Summary
Due to an Improper Initialization vulnerability in Juniper Networks Junos OS on EX4650 devices, packets received on the management interface (em0) but not destined to the device, may be improperly forwarded to an egress interface, instead of being discarded. Such traffic being sent by a client may appear genuine, but is non-standard in nature and should be considered as potentially malicious. This issue affects: Juniper Networks Junos OS on EX4650 Series: All versions prior to 19.1R3-S8; 19.2 versions prior to 19.2R3-S5; 19.3 versions prior to 19.3R3-S5; 19.4 versions prior to 19.4R3-S7; 20.1 versions prior to 20.1R3-S3; 20.2 versions prior to 20.2R3-S4; 20.3 versions prior to 20.3R3-S3; 20.4 versions prior to 20.4R3-S2; 21.1 versions prior to 21.1R3-S1; 21.2 versions prior to 21.2R3; 21.3 versions prior to 21.3R2; 21.4 versions prior to 21.4R2; 22.1 versions prior to 22.1R1.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Juniper Networks | Junos OS |
Version: unspecified < 19.1R3-S8 Version: 19.2 < 19.2R3-S5 Version: 19.3 < 19.3R3-S5 Version: 19.4 < 19.4R3-S7 Version: 20.1 < 20.1R3-S3 Version: 20.2 < 20.2R3-S4 Version: 20.3 < 20.3R3-S3 Version: 20.4 < 20.4R3-S2 Version: 21.1 < 21.1R3-S1 Version: 21.2 < 21.2R3 Version: 21.3 < 21.3R2 Version: 21.4 < 21.4R2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:07:49.601Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/JSA69494"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"EX4650 Series"
],
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "19.1R3-S8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "19.2R3-S5",
"status": "affected",
"version": "19.2",
"versionType": "custom"
},
{
"lessThan": "19.3R3-S5",
"status": "affected",
"version": "19.3",
"versionType": "custom"
},
{
"lessThan": "19.4R3-S7",
"status": "affected",
"version": "19.4",
"versionType": "custom"
},
{
"lessThan": "20.1R3-S3",
"status": "affected",
"version": "20.1",
"versionType": "custom"
},
{
"lessThan": "20.2R3-S4",
"status": "affected",
"version": "20.2",
"versionType": "custom"
},
{
"lessThan": "20.3R3-S3",
"status": "affected",
"version": "20.3",
"versionType": "custom"
},
{
"lessThan": "20.4R3-S2",
"status": "affected",
"version": "20.4",
"versionType": "custom"
},
{
"lessThan": "21.1R3-S1",
"status": "affected",
"version": "21.1",
"versionType": "custom"
},
{
"lessThan": "21.2R3",
"status": "affected",
"version": "21.2",
"versionType": "custom"
},
{
"lessThan": "21.3R2",
"status": "affected",
"version": "21.3",
"versionType": "custom"
},
{
"lessThan": "21.4R2",
"status": "affected",
"version": "21.4",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Due to an Improper Initialization vulnerability in Juniper Networks Junos OS on EX4650 devices, packets received on the management interface (em0) but not destined to the device, may be improperly forwarded to an egress interface, instead of being discarded. Such traffic being sent by a client may appear genuine, but is non-standard in nature and should be considered as potentially malicious. This issue affects: Juniper Networks Junos OS on EX4650 Series: All versions prior to 19.1R3-S8; 19.2 versions prior to 19.2R3-S5; 19.3 versions prior to 19.3R3-S5; 19.4 versions prior to 19.4R3-S7; 20.1 versions prior to 20.1R3-S3; 20.2 versions prior to 20.2R3-S4; 20.3 versions prior to 20.3R3-S3; 20.4 versions prior to 20.4R3-S2; 21.1 versions prior to 21.1R3-S1; 21.2 versions prior to 21.2R3; 21.3 versions prior to 21.3R2; 21.4 versions prior to 21.4R2; 22.1 versions prior to 22.1R1."
}
],
"exploits": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-665",
"description": "CWE-665 Improper Initialization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-14T15:50:43",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/JSA69494"
}
],
"solutions": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: 19.1R3-S8, 19.2R3-S5, 19.3R3-S5, 19.4R3-S7, 20.1R3-S3, 20.2R3-S4, 20.3R3-S3, 20.4R3-S2, 21.1R3-S1, 21.2R3, 21.3R2, 21.4R2, 22.1R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA69494",
"defect": [
"1628754"
],
"discovery": "INTERNAL"
},
"title": "Junos OS: EX4650 Series: Certain traffic received by the Junos OS device on the management interface may be forwarded to egress interfaces instead of discarded",
"workarounds": [
{
"lang": "en",
"value": "Disabling the net.transit_re sysctl flag will also cause management traffic forwarded to the PFE ports to be dropped:\n% sysctl -w net.transit_re=0\n\nNote that sysctl flags do not survive a reboot."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2022-04-13T16:00:00.000Z",
"ID": "CVE-2022-22186",
"STATE": "PUBLIC",
"TITLE": "Junos OS: EX4650 Series: Certain traffic received by the Junos OS device on the management interface may be forwarded to egress interfaces instead of discarded"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"platform": "EX4650 Series",
"version_affected": "\u003c",
"version_value": "19.1R3-S8"
},
{
"platform": "EX4650 Series",
"version_affected": "\u003c",
"version_name": "19.2",
"version_value": "19.2R3-S5"
},
{
"platform": "EX4650 Series",
"version_affected": "\u003c",
"version_name": "19.3",
"version_value": "19.3R3-S5"
},
{
"platform": "EX4650 Series",
"version_affected": "\u003c",
"version_name": "19.4",
"version_value": "19.4R3-S7"
},
{
"platform": "EX4650 Series",
"version_affected": "\u003c",
"version_name": "20.1",
"version_value": "20.1R3-S3"
},
{
"platform": "EX4650 Series",
"version_affected": "\u003c",
"version_name": "20.2",
"version_value": "20.2R3-S4"
},
{
"platform": "EX4650 Series",
"version_affected": "\u003c",
"version_name": "20.3",
"version_value": "20.3R3-S3"
},
{
"platform": "EX4650 Series",
"version_affected": "\u003c",
"version_name": "20.4",
"version_value": "20.4R3-S2"
},
{
"platform": "EX4650 Series",
"version_affected": "\u003c",
"version_name": "21.1",
"version_value": "21.1R3-S1"
},
{
"platform": "EX4650 Series",
"version_affected": "\u003c",
"version_name": "21.2",
"version_value": "21.2R3"
},
{
"platform": "EX4650 Series",
"version_affected": "\u003c",
"version_name": "21.3",
"version_value": "21.3R2"
},
{
"platform": "EX4650 Series",
"version_affected": "\u003c",
"version_name": "21.4",
"version_value": "21.4R2"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Due to an Improper Initialization vulnerability in Juniper Networks Junos OS on EX4650 devices, packets received on the management interface (em0) but not destined to the device, may be improperly forwarded to an egress interface, instead of being discarded. Such traffic being sent by a client may appear genuine, but is non-standard in nature and should be considered as potentially malicious. This issue affects: Juniper Networks Junos OS on EX4650 Series: All versions prior to 19.1R3-S8; 19.2 versions prior to 19.2R3-S5; 19.3 versions prior to 19.3R3-S5; 19.4 versions prior to 19.4R3-S7; 20.1 versions prior to 20.1R3-S3; 20.2 versions prior to 20.2R3-S4; 20.3 versions prior to 20.3R3-S3; 20.4 versions prior to 20.4R3-S2; 21.1 versions prior to 21.1R3-S1; 21.2 versions prior to 21.2R3; 21.3 versions prior to 21.3R2; 21.4 versions prior to 21.4R2; 22.1 versions prior to 22.1R1."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-665 Improper Initialization"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA69494",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA69494"
}
]
},
"solution": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: 19.1R3-S8, 19.2R3-S5, 19.3R3-S5, 19.4R3-S7, 20.1R3-S3, 20.2R3-S4, 20.3R3-S3, 20.4R3-S2, 21.1R3-S1, 21.2R3, 21.3R2, 21.4R2, 22.1R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA69494",
"defect": [
"1628754"
],
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "Disabling the net.transit_re sysctl flag will also cause management traffic forwarded to the PFE ports to be dropped:\n% sysctl -w net.transit_re=0\n\nNote that sysctl flags do not survive a reboot."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2022-22186",
"datePublished": "2022-04-14T15:50:43.593742Z",
"dateReserved": "2021-12-21T00:00:00",
"dateUpdated": "2024-09-16T18:24:01.434Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-22197 (GCVE-0-2022-22197)
Vulnerability from cvelistv5
Published
2022-04-14 15:50
Modified
2024-09-16 17:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-672 - Operation on a Resource after Expiration or Release
- Denial of Service (DoS)
Summary
An Operation on a Resource after Expiration or Release vulnerability in the Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker with an established BGP session to cause a Denial of Service (DoS). This issue occurs when proxy-generate route-target filtering is enabled, and certain proxy-route add and delete events are happening. This issue affects: Juniper Networks Junos OS All versions prior to 17.3R3-S11; 17.4 versions prior to 17.4R2-S13, 17.4R3-S4; 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R1-S8, 18.4R2-S8, 18.4R3-S6; 19.1 versions prior to 19.1R3-S4; 19.2 versions prior to 19.2R1-S6, 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S1; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3; 20.1 versions prior to 20.1R2; 20.2 versions prior to 20.2R2; 20.3 versions prior to 20.3R1-S2, 20.3R2. Juniper Networks Junos OS Evolved All versions prior to 20.1R3-EVO; 20.2 versions prior to 20.2R3-EVO; 20.3 versions prior to 20.3R2-EVO.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Juniper Networks | Junos OS |
Version: unspecified < 17.3R3-S11 Version: 17.4 < 17.4R2-S13, 17.4R3-S4 Version: 18.3 < 18.3R3-S4 Version: 18.4 < 18.4R1-S8, 18.4R2-S8, 18.4R3-S6 Version: 19.1 < 19.1R3-S4 Version: 19.2 < 19.2R1-S6, 19.2R3-S2 Version: 19.3 < 19.3R2-S6, 19.3R3-S1 Version: 19.4 < 19.4R1-S4, 19.4R2-S4, 19.4R3 Version: 20.1 < 20.1R2 Version: 20.2 < 20.2R2 Version: 20.3 < 20.3R1-S2, 20.3R2 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:07:49.722Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/JSA69511"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "17.3R3-S11",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "17.4R2-S13, 17.4R3-S4",
"status": "affected",
"version": "17.4",
"versionType": "custom"
},
{
"lessThan": "18.3R3-S4",
"status": "affected",
"version": "18.3",
"versionType": "custom"
},
{
"lessThan": "18.4R1-S8, 18.4R2-S8, 18.4R3-S6",
"status": "affected",
"version": "18.4",
"versionType": "custom"
},
{
"lessThan": "19.1R3-S4",
"status": "affected",
"version": "19.1",
"versionType": "custom"
},
{
"lessThan": "19.2R1-S6, 19.2R3-S2",
"status": "affected",
"version": "19.2",
"versionType": "custom"
},
{
"lessThan": "19.3R2-S6, 19.3R3-S1",
"status": "affected",
"version": "19.3",
"versionType": "custom"
},
{
"lessThan": "19.4R1-S4, 19.4R2-S4, 19.4R3",
"status": "affected",
"version": "19.4",
"versionType": "custom"
},
{
"lessThan": "20.1R2",
"status": "affected",
"version": "20.1",
"versionType": "custom"
},
{
"lessThan": "20.2R2",
"status": "affected",
"version": "20.2",
"versionType": "custom"
},
{
"lessThan": "20.3R1-S2, 20.3R2",
"status": "affected",
"version": "20.3",
"versionType": "custom"
}
]
},
{
"product": "Junos OS Evolved",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "20.1R3-EVO",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "20.2R3-EVO",
"status": "affected",
"version": "20.2",
"versionType": "custom"
},
{
"lessThan": "20.3R2-EVO",
"status": "affected",
"version": "20.3",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "Only configurations configured with proxy-generate route-target filtering are affected:\n\n [ protocols bgp ... family route-target proxy-generate ]"
}
],
"datePublic": "2022-04-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An Operation on a Resource after Expiration or Release vulnerability in the Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker with an established BGP session to cause a Denial of Service (DoS). This issue occurs when proxy-generate route-target filtering is enabled, and certain proxy-route add and delete events are happening. This issue affects: Juniper Networks Junos OS All versions prior to 17.3R3-S11; 17.4 versions prior to 17.4R2-S13, 17.4R3-S4; 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R1-S8, 18.4R2-S8, 18.4R3-S6; 19.1 versions prior to 19.1R3-S4; 19.2 versions prior to 19.2R1-S6, 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S1; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3; 20.1 versions prior to 20.1R2; 20.2 versions prior to 20.2R2; 20.3 versions prior to 20.3R1-S2, 20.3R2. Juniper Networks Junos OS Evolved All versions prior to 20.1R3-EVO; 20.2 versions prior to 20.2R3-EVO; 20.3 versions prior to 20.3R2-EVO."
}
],
"exploits": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-672",
"description": "CWE-672 Operation on a Resource after Expiration or Release",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"description": "Denial of Service (DoS)",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-14T15:50:59",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/JSA69511"
}
],
"solutions": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: \nJunos OS: 17.3R3-S11, 17.4R2-S13, 17.4R3-S4, 18.3R3-S4, 18.4R1-S8, 18.4R2-S8, 18.4R3-S6, 19.1R3-S4, 19.2R1-S6, 19.2R3-S2, 19.3R2-S6, 19.3R3-S1, 19.4R1-S4, 19.4R2-S4, 19.4R3, 20.1R2, 20.2R2, 20.3R1-S2, 20.3R2, 20.4R1, and all subsequent releases;\nJunos OS Evolved: 20.1R3-EVO, 20.2R3-EVO, 20.3R2-EVO, 20.4R1-EVO, and all subsequent releases."
}
],
"source": {
"advisory": "JSA69511",
"defect": [
"1525588"
],
"discovery": "INTERNAL"
},
"title": "Junos OS and Junos OS Evolved: An rpd core will be observed with proxy BGP route-target filtering enabled and certain route add and delete event happening",
"workarounds": [
{
"lang": "en",
"value": "There are no viable workarounds for this issue."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2022-04-13T16:00:00.000Z",
"ID": "CVE-2022-22197",
"STATE": "PUBLIC",
"TITLE": "Junos OS and Junos OS Evolved: An rpd core will be observed with proxy BGP route-target filtering enabled and certain route add and delete event happening"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "17.3R3-S11"
},
{
"version_affected": "\u003c",
"version_name": "17.4",
"version_value": "17.4R2-S13, 17.4R3-S4"
},
{
"version_affected": "\u003c",
"version_name": "18.3",
"version_value": "18.3R3-S4"
},
{
"version_affected": "\u003c",
"version_name": "18.4",
"version_value": "18.4R1-S8, 18.4R2-S8, 18.4R3-S6"
},
{
"version_affected": "\u003c",
"version_name": "19.1",
"version_value": "19.1R3-S4"
},
{
"version_affected": "\u003c",
"version_name": "19.2",
"version_value": "19.2R1-S6, 19.2R3-S2"
},
{
"version_affected": "\u003c",
"version_name": "19.3",
"version_value": "19.3R2-S6, 19.3R3-S1"
},
{
"version_affected": "\u003c",
"version_name": "19.4",
"version_value": "19.4R1-S4, 19.4R2-S4, 19.4R3"
},
{
"version_affected": "\u003c",
"version_name": "20.1",
"version_value": "20.1R2"
},
{
"version_affected": "\u003c",
"version_name": "20.2",
"version_value": "20.2R2"
},
{
"version_affected": "\u003c",
"version_name": "20.3",
"version_value": "20.3R1-S2, 20.3R2"
}
]
}
},
{
"product_name": "Junos OS Evolved",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20.1R3-EVO"
},
{
"version_affected": "\u003c",
"version_name": "20.2",
"version_value": "20.2R3-EVO"
},
{
"version_affected": "\u003c",
"version_name": "20.3",
"version_value": "20.3R2-EVO"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "en",
"value": "Only configurations configured with proxy-generate route-target filtering are affected:\n\n [ protocols bgp ... family route-target proxy-generate ]"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Operation on a Resource after Expiration or Release vulnerability in the Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker with an established BGP session to cause a Denial of Service (DoS). This issue occurs when proxy-generate route-target filtering is enabled, and certain proxy-route add and delete events are happening. This issue affects: Juniper Networks Junos OS All versions prior to 17.3R3-S11; 17.4 versions prior to 17.4R2-S13, 17.4R3-S4; 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R1-S8, 18.4R2-S8, 18.4R3-S6; 19.1 versions prior to 19.1R3-S4; 19.2 versions prior to 19.2R1-S6, 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S1; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3; 20.1 versions prior to 20.1R2; 20.2 versions prior to 20.2R2; 20.3 versions prior to 20.3R1-S2, 20.3R2. Juniper Networks Junos OS Evolved All versions prior to 20.1R3-EVO; 20.2 versions prior to 20.2R3-EVO; 20.3 versions prior to 20.3R2-EVO."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-672 Operation on a Resource after Expiration or Release"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (DoS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA69511",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA69511"
}
]
},
"solution": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: \nJunos OS: 17.3R3-S11, 17.4R2-S13, 17.4R3-S4, 18.3R3-S4, 18.4R1-S8, 18.4R2-S8, 18.4R3-S6, 19.1R3-S4, 19.2R1-S6, 19.2R3-S2, 19.3R2-S6, 19.3R3-S1, 19.4R1-S4, 19.4R2-S4, 19.4R3, 20.1R2, 20.2R2, 20.3R1-S2, 20.3R2, 20.4R1, and all subsequent releases;\nJunos OS Evolved: 20.1R3-EVO, 20.2R3-EVO, 20.3R2-EVO, 20.4R1-EVO, and all subsequent releases."
}
],
"source": {
"advisory": "JSA69511",
"defect": [
"1525588"
],
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "There are no viable workarounds for this issue."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2022-22197",
"datePublished": "2022-04-14T15:50:59.662920Z",
"dateReserved": "2021-12-21T00:00:00",
"dateUpdated": "2024-09-16T17:24:13.425Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-22196 (GCVE-0-2022-22196)
Vulnerability from cvelistv5
Published
2022-04-14 15:50
Modified
2024-09-16 20:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-754 - Improper Check for Unusual or Exceptional Conditions
- Denial of Service (DoS)
Summary
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker with an established ISIS adjacency to cause a Denial of Service (DoS). The rpd CPU spikes to 100% after a malformed ISIS TLV has been received which will lead to processing issues of routing updates and in turn traffic impact. This issue affects: Juniper Networks Junos OS 19.3 versions prior to 19.3R3-S4; 19.4 versions prior to 19.4R2-S6, 19.4R3-S6; 20.1 versions prior to 20.1R3-S2; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R2. Juniper Networks Junos OS Evolved All versions prior to 20.4R3-S3-EVO; 21.2 versions prior to 21.2R2-EVO. This issue does not affect Juniper Networks Junos OS versions prior to 19.3R1.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Juniper Networks | Junos OS |
Patch: unspecified < 19.3R1 Version: 19.3 < 19.3R3-S4 Version: 19.4 < 19.4R2-S6, 19.4R3-S6 Version: 20.1 < 20.1R3-S2 Version: 20.2 < 20.2R3-S3 Version: 20.3 < 20.3R3-S1 Version: 20.4 < 20.4R3 Version: 21.1 < 21.1R3 Version: 21.2 < 21.2R2 |
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:07:49.928Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/JSA69509"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "19.3R1",
"status": "unaffected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "19.3R3-S4",
"status": "affected",
"version": "19.3",
"versionType": "custom"
},
{
"lessThan": "19.4R2-S6, 19.4R3-S6",
"status": "affected",
"version": "19.4",
"versionType": "custom"
},
{
"lessThan": "20.1R3-S2",
"status": "affected",
"version": "20.1",
"versionType": "custom"
},
{
"lessThan": "20.2R3-S3",
"status": "affected",
"version": "20.2",
"versionType": "custom"
},
{
"lessThan": "20.3R3-S1",
"status": "affected",
"version": "20.3",
"versionType": "custom"
},
{
"lessThan": "20.4R3",
"status": "affected",
"version": "20.4",
"versionType": "custom"
},
{
"lessThan": "21.1R3",
"status": "affected",
"version": "21.1",
"versionType": "custom"
},
{
"lessThan": "21.2R2",
"status": "affected",
"version": "21.2",
"versionType": "custom"
}
]
},
{
"product": "Junos OS Evolved",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "20.4R3-S3-EVO",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "21.2R2-EVO",
"status": "affected",
"version": "21.2",
"versionType": "custom"
}
]
}
],
"datePublic": "2022-04-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An Improper Check for Unusual or Exceptional Conditions vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker with an established ISIS adjacency to cause a Denial of Service (DoS). The rpd CPU spikes to 100% after a malformed ISIS TLV has been received which will lead to processing issues of routing updates and in turn traffic impact. This issue affects: Juniper Networks Junos OS 19.3 versions prior to 19.3R3-S4; 19.4 versions prior to 19.4R2-S6, 19.4R3-S6; 20.1 versions prior to 20.1R3-S2; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R2. Juniper Networks Junos OS Evolved All versions prior to 20.4R3-S3-EVO; 21.2 versions prior to 21.2R2-EVO. This issue does not affect Juniper Networks Junos OS versions prior to 19.3R1."
}
],
"exploits": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-754",
"description": "CWE-754 Improper Check for Unusual or Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"description": "Denial of Service (DoS)",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-14T15:50:58",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/JSA69509"
}
],
"solutions": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: \nJunos OS: 19.3R3-S4, 19.4R2-S6, 19.4R3-S6, 20.1R3-S2, 20.2R3-S3, 20.3R3-S1, 20.4R3, 21.1R3, 21.2R2, 21.3R1, and all subsequent releases;\nJunos OS Evolved: 20.4R3-S3-EVO, 21.2R2-EVO, 21.3R1-EVO, and all subsequent releases."
}
],
"source": {
"advisory": "JSA69509",
"defect": [
"1610983"
],
"discovery": "USER"
},
"title": "Junos OS and Junos OS Evolved: The rpd CPU spikes to 100% after a malformed ISIS TLV has been received",
"workarounds": [
{
"lang": "en",
"value": "There are no workarounds for this issue."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2022-04-13T07:00:00.000Z",
"ID": "CVE-2022-22196",
"STATE": "PUBLIC",
"TITLE": "Junos OS and Junos OS Evolved: The rpd CPU spikes to 100% after a malformed ISIS TLV has been received"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "19.3",
"version_value": "19.3R3-S4"
},
{
"version_affected": "\u003c",
"version_name": "19.4",
"version_value": "19.4R2-S6, 19.4R3-S6"
},
{
"version_affected": "\u003c",
"version_name": "20.1",
"version_value": "20.1R3-S2"
},
{
"version_affected": "\u003c",
"version_name": "20.2",
"version_value": "20.2R3-S3"
},
{
"version_affected": "\u003c",
"version_name": "20.3",
"version_value": "20.3R3-S1"
},
{
"version_affected": "\u003c",
"version_name": "20.4",
"version_value": "20.4R3"
},
{
"version_affected": "\u003c",
"version_name": "21.1",
"version_value": "21.1R3"
},
{
"version_affected": "\u003c",
"version_name": "21.2",
"version_value": "21.2R2"
},
{
"version_affected": "!\u003c",
"version_value": "19.3R1"
}
]
}
},
{
"product_name": "Junos OS Evolved",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20.4R3-S3-EVO"
},
{
"version_affected": "\u003c",
"version_name": "21.2",
"version_value": "21.2R2-EVO"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Improper Check for Unusual or Exceptional Conditions vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker with an established ISIS adjacency to cause a Denial of Service (DoS). The rpd CPU spikes to 100% after a malformed ISIS TLV has been received which will lead to processing issues of routing updates and in turn traffic impact. This issue affects: Juniper Networks Junos OS 19.3 versions prior to 19.3R3-S4; 19.4 versions prior to 19.4R2-S6, 19.4R3-S6; 20.1 versions prior to 20.1R3-S2; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R2. Juniper Networks Junos OS Evolved All versions prior to 20.4R3-S3-EVO; 21.2 versions prior to 21.2R2-EVO. This issue does not affect Juniper Networks Junos OS versions prior to 19.3R1."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-754 Improper Check for Unusual or Exceptional Conditions"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (DoS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA69509",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA69509"
}
]
},
"solution": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: \nJunos OS: 19.3R3-S4, 19.4R2-S6, 19.4R3-S6, 20.1R3-S2, 20.2R3-S3, 20.3R3-S1, 20.4R3, 21.1R3, 21.2R2, 21.3R1, and all subsequent releases;\nJunos OS Evolved: 20.4R3-S3-EVO, 21.2R2-EVO, 21.3R1-EVO, and all subsequent releases."
}
],
"source": {
"advisory": "JSA69509",
"defect": [
"1610983"
],
"discovery": "USER"
},
"work_around": [
{
"lang": "en",
"value": "There are no workarounds for this issue."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2022-22196",
"datePublished": "2022-04-14T15:50:58.157754Z",
"dateReserved": "2021-12-21T00:00:00",
"dateUpdated": "2024-09-16T20:59:04.245Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-22194 (GCVE-0-2022-22194)
Vulnerability from cvelistv5
Published
2022-04-14 15:50
Modified
2024-09-17 04:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-754 - Improper Check for Unusual or Exceptional Conditions
- Denial of Service (DoS)
Summary
An Improper Check for Unusual or Exceptional Conditions vulnerability in the packetIO daemon of Juniper Networks Junos OS Evolved on PTX10003, PTX10004, and PTX10008 allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). Continued receipt of these crafted packets will cause a sustained Denial of Service condition. This issue affects Juniper Networks Junos OS Evolved all versions prior to 20.4R2-S3-EVO on PTX10003, PTX10004, and PTX10008. This issue does not affect: Juniper Networks Junos OS Evolved versions 21.1R1-EVO and above; Juniper Networks Junos OS.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Juniper Networks | Junos OS Evolved |
Version: unspecified < 20.4R2-S3-EVO, 20.4R3-EVO |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:07:49.881Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/JSA69505"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"PTX10003, PTX10004, PTX10008"
],
"product": "Junos OS Evolved",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "20.4R2-S3-EVO, 20.4R3-EVO",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Junos OS Evolved",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "21.1*",
"status": "unaffected",
"version": "21.1R1-EVO",
"versionType": "custom"
}
]
},
{
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"status": "unaffected",
"version": "any"
}
]
}
],
"datePublic": "2022-04-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An Improper Check for Unusual or Exceptional Conditions vulnerability in the packetIO daemon of Juniper Networks Junos OS Evolved on PTX10003, PTX10004, and PTX10008 allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). Continued receipt of these crafted packets will cause a sustained Denial of Service condition. This issue affects Juniper Networks Junos OS Evolved all versions prior to 20.4R2-S3-EVO on PTX10003, PTX10004, and PTX10008. This issue does not affect: Juniper Networks Junos OS Evolved versions 21.1R1-EVO and above; Juniper Networks Junos OS."
}
],
"exploits": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-754",
"description": "CWE-754 Improper Check for Unusual or Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"description": "Denial of Service (DoS)",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-14T15:50:55",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/JSA69505"
}
],
"solutions": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: 20.4R2-S3-EVO, 20.4R3-EVO."
}
],
"source": {
"advisory": "JSA69505",
"defect": [
"1614171"
],
"discovery": "USER"
},
"title": "Junos OS Evolved: PTX series: An attacker sending a crafted GRE packet will cause the PFE to restart",
"workarounds": [
{
"lang": "en",
"value": "One characteristic of this vulnerability is that an FPC restart will only be triggered by a crafted GRE packet which has its\u0027 TTL set to 0 or 1 so as a workaround a filter can be implemented that drops such packets:\n\n set firewall family inet filter GREfilter term 1 from protocol gre\n set firewall family inet filter GREfilter term 1 from ttl 0\n set firewall family inet filter GREfilter term 1 then count gre-ttl-0\n set firewall family inet filter GREfilter term 1 then discard\n set firewall family inet filter GREfilter term 2 from protocol gre\n set firewall family inet filter GREfilter term 2 from ttl 1\n set firewall family inet filter GREfilter term 2 then count gre-ttl-1\n set firewall family inet filter GREfilter term 2 then discard\n set firewall family inet filter GREfilter term default then accept\n\nAn equivalent filter for family inet6 is required if IPv6 is configured on at least one interface."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2022-04-13T07:00:00.000Z",
"ID": "CVE-2022-22194",
"STATE": "PUBLIC",
"TITLE": "Junos OS Evolved: PTX series: An attacker sending a crafted GRE packet will cause the PFE to restart"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS Evolved",
"version": {
"version_data": [
{
"platform": "PTX10003, PTX10004, PTX10008",
"version_affected": "\u003c",
"version_value": "20.4R2-S3-EVO, 20.4R3-EVO"
},
{
"version_affected": "!\u003e",
"version_name": "21.1",
"version_value": "21.1R1-EVO"
}
]
}
},
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"version_affected": "!",
"version_value": "any"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Improper Check for Unusual or Exceptional Conditions vulnerability in the packetIO daemon of Juniper Networks Junos OS Evolved on PTX10003, PTX10004, and PTX10008 allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). Continued receipt of these crafted packets will cause a sustained Denial of Service condition. This issue affects Juniper Networks Junos OS Evolved all versions prior to 20.4R2-S3-EVO on PTX10003, PTX10004, and PTX10008. This issue does not affect: Juniper Networks Junos OS Evolved versions 21.1R1-EVO and above; Juniper Networks Junos OS."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-754 Improper Check for Unusual or Exceptional Conditions"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (DoS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA69505",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA69505"
}
]
},
"solution": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: 20.4R2-S3-EVO, 20.4R3-EVO."
}
],
"source": {
"advisory": "JSA69505",
"defect": [
"1614171"
],
"discovery": "USER"
},
"work_around": [
{
"lang": "en",
"value": "One characteristic of this vulnerability is that an FPC restart will only be triggered by a crafted GRE packet which has its\u0027 TTL set to 0 or 1 so as a workaround a filter can be implemented that drops such packets:\n\n set firewall family inet filter GREfilter term 1 from protocol gre\n set firewall family inet filter GREfilter term 1 from ttl 0\n set firewall family inet filter GREfilter term 1 then count gre-ttl-0\n set firewall family inet filter GREfilter term 1 then discard\n set firewall family inet filter GREfilter term 2 from protocol gre\n set firewall family inet filter GREfilter term 2 from ttl 1\n set firewall family inet filter GREfilter term 2 then count gre-ttl-1\n set firewall family inet filter GREfilter term 2 then discard\n set firewall family inet filter GREfilter term default then accept\n\nAn equivalent filter for family inet6 is required if IPv6 is configured on at least one interface."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2022-22194",
"datePublished": "2022-04-14T15:50:55.258749Z",
"dateReserved": "2021-12-21T00:00:00",
"dateUpdated": "2024-09-17T04:20:48.042Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-22183 (GCVE-0-2022-22183)
Vulnerability from cvelistv5
Published
2022-04-14 15:50
Modified
2024-09-16 20:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
An Improper Access Control vulnerability in Juniper Networks Junos OS Evolved allows a network-based unauthenticated attacker who is able to connect to a specific open IPv4 port, which in affected releases should otherwise be unreachable, to cause the CPU to consume all resources as more traffic is sent to the port to create a Denial of Service (DoS) condition. Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS Evolved 20.4 versions prior to 20.4R3-S2-EVO; 21.1 versions prior to 21.1R3-S1-EVO; 21.2 versions prior to 21.2R3-EVO; 21.3 versions prior to 21.3R2-EVO; 21.4 versions prior to 21.4R2-EVO. This issue does not affect Junos OS.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Juniper Networks | Junos OS Evolved |
Version: 20.4 < 20.4R3-S2-EVO Version: 21.1 < 21.1R3-S1-EVO Version: 21.2 < 21.2R3-EVO Version: 21.3 < 21.3R2-EVO Version: 21.4 < 21.4R2-EVO |
||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:07:50.192Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/JSA69516"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Junos OS Evolved",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "20.4R3-S2-EVO",
"status": "affected",
"version": "20.4",
"versionType": "custom"
},
{
"lessThan": "21.1R3-S1-EVO",
"status": "affected",
"version": "21.1",
"versionType": "custom"
},
{
"lessThan": "21.2R3-EVO",
"status": "affected",
"version": "21.2",
"versionType": "custom"
},
{
"lessThan": "21.3R2-EVO",
"status": "affected",
"version": "21.3",
"versionType": "custom"
},
{
"lessThan": "21.4R2-EVO",
"status": "affected",
"version": "21.4",
"versionType": "custom"
}
]
},
{
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"status": "unaffected",
"version": "Any"
}
]
}
],
"datePublic": "2022-04-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An Improper Access Control vulnerability in Juniper Networks Junos OS Evolved allows a network-based unauthenticated attacker who is able to connect to a specific open IPv4 port, which in affected releases should otherwise be unreachable, to cause the CPU to consume all resources as more traffic is sent to the port to create a Denial of Service (DoS) condition. Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS Evolved 20.4 versions prior to 20.4R3-S2-EVO; 21.1 versions prior to 21.1R3-S1-EVO; 21.2 versions prior to 21.2R3-EVO; 21.3 versions prior to 21.3R2-EVO; 21.4 versions prior to 21.4R2-EVO. This issue does not affect Junos OS."
}
],
"exploits": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service (DoS)",
"lang": "en",
"type": "text"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-16",
"description": "CWE-16 Configuration",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Information Exposure",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-14T15:50:40",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/JSA69516"
}
],
"solutions": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: 20.4R3-S2-EVO, 21.1R3-S1-EVO, 21.2R3-EVO, 21.3R2-EVO, 21.4R2-EVO, 22.1R1-EVO, and all subsequent releases."
}
],
"source": {
"advisory": "JSA69516",
"defect": [
"1636338"
],
"discovery": "USER"
},
"title": "Junos OS Evolved: A remote attacker may cause a CPU Denial of Service by sending genuine traffic to a device on a specific IPv4 port.",
"workarounds": [
{
"lang": "en",
"value": "There are no available workarounds for this issue.\n\nTo reduce the risk of exploitation customers may enable loopback firewall filters on the device to drop unnecessary connections and traffic from untrusted networks and devices."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2022-04-13T16:00:00.000Z",
"ID": "CVE-2022-22183",
"STATE": "PUBLIC",
"TITLE": "Junos OS Evolved: A remote attacker may cause a CPU Denial of Service by sending genuine traffic to a device on a specific IPv4 port."
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS Evolved",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "20.4",
"version_value": "20.4R3-S2-EVO"
},
{
"version_affected": "\u003c",
"version_name": "21.1",
"version_value": "21.1R3-S1-EVO"
},
{
"version_affected": "\u003c",
"version_name": "21.2",
"version_value": "21.2R3-EVO"
},
{
"version_affected": "\u003c",
"version_name": "21.3",
"version_value": "21.3R2-EVO"
},
{
"version_affected": "\u003c",
"version_name": "21.4",
"version_value": "21.4R2-EVO"
}
]
}
},
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"version_affected": "!",
"version_value": "Any"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Improper Access Control vulnerability in Juniper Networks Junos OS Evolved allows a network-based unauthenticated attacker who is able to connect to a specific open IPv4 port, which in affected releases should otherwise be unreachable, to cause the CPU to consume all resources as more traffic is sent to the port to create a Denial of Service (DoS) condition. Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS Evolved 20.4 versions prior to 20.4R3-S2-EVO; 21.1 versions prior to 21.1R3-S1-EVO; 21.2 versions prior to 21.2R3-EVO; 21.3 versions prior to 21.3R2-EVO; 21.4 versions prior to 21.4R2-EVO. This issue does not affect Junos OS."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (DoS)"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-16 Configuration"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-200 Information Exposure"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-284 Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA69516",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA69516"
}
]
},
"solution": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: 20.4R3-S2-EVO, 21.1R3-S1-EVO, 21.2R3-EVO, 21.3R2-EVO, 21.4R2-EVO, 22.1R1-EVO, and all subsequent releases."
}
],
"source": {
"advisory": "JSA69516",
"defect": [
"1636338"
],
"discovery": "USER"
},
"work_around": [
{
"lang": "en",
"value": "There are no available workarounds for this issue.\n\nTo reduce the risk of exploitation customers may enable loopback firewall filters on the device to drop unnecessary connections and traffic from untrusted networks and devices."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2022-22183",
"datePublished": "2022-04-14T15:50:40.506078Z",
"dateReserved": "2021-12-21T00:00:00",
"dateUpdated": "2024-09-16T20:13:18.471Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-22198 (GCVE-0-2022-22198)
Vulnerability from cvelistv5
Published
2022-04-14 15:51
Modified
2024-09-17 02:57
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-824 - Access of Uninitialized Pointer
- Denial of Service (DoS)
Summary
An Access of Uninitialized Pointer vulnerability in the SIP ALG of Juniper Networks Junos OS allows an unauthenticated network-based attacker to cause a Denial of Service (DoS). Continued receipt of these specific packets will cause a sustained Denial of Service condition. On all MX and SRX platforms, if the SIP ALG is enabled, an MS-MPC or MS-MIC, or SPC will crash if it receives a SIP message with a specific contact header format. This issue affects Juniper Networks Junos OS on MX Series and SRX Series: 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2-S1, 21.1R3; 21.2 versions prior to 21.2R2. This issue does not affect versions prior to 20.4R1.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Juniper Networks | Junos OS |
Patch: unspecified < 20.4R1 Version: 20.4 < 20.4R3 Version: 21.1 < 21.1R2-S1, 21.1R3 Version: 21.2 < 21.2R2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:07:50.206Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/JSA69513"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"MX Series, SRX Series"
],
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "20.4R1",
"status": "unaffected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "20.4R3",
"status": "affected",
"version": "20.4",
"versionType": "custom"
},
{
"lessThan": "21.1R2-S1, 21.1R3",
"status": "affected",
"version": "21.1",
"versionType": "custom"
},
{
"lessThan": "21.2R2",
"status": "affected",
"version": "21.2",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "To be affected the SIP ALG needs to be enabled, either implicitly / by default or by way of configuration. Please verify on SRX with:\n\n user@host\u003e show security alg status | match sip\n SIP : Enabled\n\nPlease verify on MX whether the following is configured:\n\n [ services ... rule \u003crule-name\u003e (term \u003cterm-name\u003e) from/match application/application-set \u003cname\u003e ]\n\nwhere either\na. name = junos-sip or\nan application or application-set refers to SIP:\nb. [ applications application \u003cname\u003e application-protocol sip ] or\nc. [ applications application-set \u003cname\u003e application junos-sip ]"
}
],
"datePublic": "2022-04-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An Access of Uninitialized Pointer vulnerability in the SIP ALG of Juniper Networks Junos OS allows an unauthenticated network-based attacker to cause a Denial of Service (DoS). Continued receipt of these specific packets will cause a sustained Denial of Service condition. On all MX and SRX platforms, if the SIP ALG is enabled, an MS-MPC or MS-MIC, or SPC will crash if it receives a SIP message with a specific contact header format. This issue affects Juniper Networks Junos OS on MX Series and SRX Series: 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2-S1, 21.1R3; 21.2 versions prior to 21.2R2. This issue does not affect versions prior to 20.4R1."
}
],
"exploits": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-824",
"description": "CWE-824 Access of Uninitialized Pointer",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"description": "Denial of Service (DoS)",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-14T15:51:01",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/JSA69513"
}
],
"solutions": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: 20.4R3, 21.1R2-S1, 21.1R3, 21.2R2, 21.3R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA69513",
"defect": [
"1612450"
],
"discovery": "USER"
},
"title": "Junos OS: MX MS-MPC or MS-MIC, or SRX SPC crashes if it receives a SIP message with a specific contact header format",
"workarounds": [
{
"lang": "en",
"value": "There are no viable workarounds for this issue, but it should be considered to disable the SIP ALG if it\u0027s not strictly needed."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2022-04-13T07:00:00.000Z",
"ID": "CVE-2022-22198",
"STATE": "PUBLIC",
"TITLE": "Junos OS: MX MS-MPC or MS-MIC, or SRX SPC crashes if it receives a SIP message with a specific contact header format"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"platform": "MX Series, SRX Series",
"version_affected": "\u003c",
"version_name": "20.4",
"version_value": "20.4R3"
},
{
"platform": "MX Series, SRX Series",
"version_affected": "\u003c",
"version_name": "21.1",
"version_value": "21.1R2-S1, 21.1R3"
},
{
"platform": "MX Series, SRX Series",
"version_affected": "\u003c",
"version_name": "21.2",
"version_value": "21.2R2"
},
{
"platform": "MX Series, SRX Series",
"version_affected": "!\u003c",
"version_value": "20.4R1"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "en",
"value": "To be affected the SIP ALG needs to be enabled, either implicitly / by default or by way of configuration. Please verify on SRX with:\n\n user@host\u003e show security alg status | match sip\n SIP : Enabled\n\nPlease verify on MX whether the following is configured:\n\n [ services ... rule \u003crule-name\u003e (term \u003cterm-name\u003e) from/match application/application-set \u003cname\u003e ]\n\nwhere either\na. name = junos-sip or\nan application or application-set refers to SIP:\nb. [ applications application \u003cname\u003e application-protocol sip ] or\nc. [ applications application-set \u003cname\u003e application junos-sip ]"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Access of Uninitialized Pointer vulnerability in the SIP ALG of Juniper Networks Junos OS allows an unauthenticated network-based attacker to cause a Denial of Service (DoS). Continued receipt of these specific packets will cause a sustained Denial of Service condition. On all MX and SRX platforms, if the SIP ALG is enabled, an MS-MPC or MS-MIC, or SPC will crash if it receives a SIP message with a specific contact header format. This issue affects Juniper Networks Junos OS on MX Series and SRX Series: 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2-S1, 21.1R3; 21.2 versions prior to 21.2R2. This issue does not affect versions prior to 20.4R1."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-824 Access of Uninitialized Pointer"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (DoS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA69513",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA69513"
}
]
},
"solution": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: 20.4R3, 21.1R2-S1, 21.1R3, 21.2R2, 21.3R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA69513",
"defect": [
"1612450"
],
"discovery": "USER"
},
"work_around": [
{
"lang": "en",
"value": "There are no viable workarounds for this issue, but it should be considered to disable the SIP ALG if it\u0027s not strictly needed."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2022-22198",
"datePublished": "2022-04-14T15:51:01.439050Z",
"dateReserved": "2021-12-21T00:00:00",
"dateUpdated": "2024-09-17T02:57:45.257Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-22181 (GCVE-0-2022-22181)
Vulnerability from cvelistv5
Published
2022-04-14 15:50
Modified
2024-09-17 02:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Cross-site Scripting (XSS)
Summary
A reflected Cross-site Scripting (XSS) vulnerability in J-Web of Juniper Networks Junos OS allows a network-based authenticated attacker to run malicious scripts reflected off J-Web to the victim's browser in the context of their session within J-Web. This may allow the attacker to gain control of the device or attack other authenticated user sessions. This issue affects: Juniper Networks Junos OS All versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R3-S9; 19.1 versions prior to 19.1R3-S6; 19.2 versions prior to 19.2R3-S3; 19.3 versions prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R3-S5; 20.1 versions prior to 20.1R3-S4; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Juniper Networks | Junos OS |
Version: unspecified < 18.3R3-S5 Version: 18.4 < 18.4R3-S9 Version: 19.1 < 19.1R3-S6 Version: 19.2 < 19.2R3-S3 Version: 19.3 < 19.3R2-S6, 19.3R3-S3 Version: 19.4 < 19.4R3-S5 Version: 20.1 < 20.1R3-S4 Version: 20.2 < 20.2R3-S2 Version: 20.3 < 20.3R3 Version: 20.4 < 20.4R3 Version: 21.1 < 21.1R1-S1, 21.1R2 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:07:50.143Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/JSA69517"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "18.3R3-S5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "18.4R3-S9",
"status": "affected",
"version": "18.4",
"versionType": "custom"
},
{
"lessThan": "19.1R3-S6",
"status": "affected",
"version": "19.1",
"versionType": "custom"
},
{
"lessThan": "19.2R3-S3",
"status": "affected",
"version": "19.2",
"versionType": "custom"
},
{
"lessThan": "19.3R2-S6, 19.3R3-S3",
"status": "affected",
"version": "19.3",
"versionType": "custom"
},
{
"lessThan": "19.4R3-S5",
"status": "affected",
"version": "19.4",
"versionType": "custom"
},
{
"lessThan": "20.1R3-S4",
"status": "affected",
"version": "20.1",
"versionType": "custom"
},
{
"lessThan": "20.2R3-S2",
"status": "affected",
"version": "20.2",
"versionType": "custom"
},
{
"lessThan": "20.3R3",
"status": "affected",
"version": "20.3",
"versionType": "custom"
},
{
"lessThan": "20.4R3",
"status": "affected",
"version": "20.4",
"versionType": "custom"
},
{
"lessThan": "21.1R1-S1, 21.1R2",
"status": "affected",
"version": "21.1",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "The examples of the config stanza affected by this issue:\n\n [system services web-management]\n [system services web-management https]"
}
],
"datePublic": "2022-04-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A reflected Cross-site Scripting (XSS) vulnerability in J-Web of Juniper Networks Junos OS allows a network-based authenticated attacker to run malicious scripts reflected off J-Web to the victim\u0027s browser in the context of their session within J-Web. This may allow the attacker to gain control of the device or attack other authenticated user sessions. This issue affects: Juniper Networks Junos OS All versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R3-S9; 19.1 versions prior to 19.1R3-S6; 19.2 versions prior to 19.2R3-S3; 19.3 versions prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R3-S5; 20.1 versions prior to 20.1R3-S4; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2."
}
],
"exploits": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-14T15:50:37",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/JSA69517"
}
],
"solutions": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: 18.3R3-S5, 18.4R3-S9, 19.1R3-S6, 19.2R3-S3, 19.3R2-S6, 19.3R3-S3, 19.4R3-S5, 20.1R3-S4, 20.2R3-S2, 20.3R3, 20.4R3, 21.1R1-S1, 21.1R2, 21.2R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA69517",
"defect": [
"1591621"
],
"discovery": "INTERNAL"
},
"title": "Junos OS: J-Web can be compromised through reflected XSS attacks",
"workarounds": [
{
"lang": "en",
"value": "To reduce the risk of exploitation of this issue, use access lists or firewall filters to limit access to only trusted administrative networks, hosts and users.\n\nAlternatively, J-Web can be disabled."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2022-04-13T16:00:00.000Z",
"ID": "CVE-2022-22181",
"STATE": "PUBLIC",
"TITLE": "Junos OS: J-Web can be compromised through reflected XSS attacks"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "18.3R3-S5"
},
{
"version_affected": "\u003c",
"version_name": "18.4",
"version_value": "18.4R3-S9"
},
{
"version_affected": "\u003c",
"version_name": "19.1",
"version_value": "19.1R3-S6"
},
{
"version_affected": "\u003c",
"version_name": "19.2",
"version_value": "19.2R3-S3"
},
{
"version_affected": "\u003c",
"version_name": "19.3",
"version_value": "19.3R2-S6, 19.3R3-S3"
},
{
"version_affected": "\u003c",
"version_name": "19.4",
"version_value": "19.4R3-S5"
},
{
"version_affected": "\u003c",
"version_name": "20.1",
"version_value": "20.1R3-S4"
},
{
"version_affected": "\u003c",
"version_name": "20.2",
"version_value": "20.2R3-S2"
},
{
"version_affected": "\u003c",
"version_name": "20.3",
"version_value": "20.3R3"
},
{
"version_affected": "\u003c",
"version_name": "20.4",
"version_value": "20.4R3"
},
{
"version_affected": "\u003c",
"version_name": "21.1",
"version_value": "21.1R1-S1, 21.1R2"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "en",
"value": "The examples of the config stanza affected by this issue:\n\n [system services web-management]\n [system services web-management https]"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A reflected Cross-site Scripting (XSS) vulnerability in J-Web of Juniper Networks Junos OS allows a network-based authenticated attacker to run malicious scripts reflected off J-Web to the victim\u0027s browser in the context of their session within J-Web. This may allow the attacker to gain control of the device or attack other authenticated user sessions. This issue affects: Juniper Networks Junos OS All versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R3-S9; 19.1 versions prior to 19.1R3-S6; 19.2 versions prior to 19.2R3-S3; 19.3 versions prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R3-S5; 20.1 versions prior to 20.1R3-S4; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA69517",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA69517"
}
]
},
"solution": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: 18.3R3-S5, 18.4R3-S9, 19.1R3-S6, 19.2R3-S3, 19.3R2-S6, 19.3R3-S3, 19.4R3-S5, 20.1R3-S4, 20.2R3-S2, 20.3R3, 20.4R3, 21.1R1-S1, 21.1R2, 21.2R1, and all subsequent releases."
}
],
"source": {
"advisory": "JSA69517",
"defect": [
"1591621"
],
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "en",
"value": "To reduce the risk of exploitation of this issue, use access lists or firewall filters to limit access to only trusted administrative networks, hosts and users.\n\nAlternatively, J-Web can be disabled."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2022-22181",
"datePublished": "2022-04-14T15:50:37.275378Z",
"dateReserved": "2021-12-21T00:00:00",
"dateUpdated": "2024-09-17T02:36:11.063Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…