CVE-2022-22214 (GCVE-0-2022-22214)
Vulnerability from cvelistv5
Published
2022-07-20 14:15
Modified
2024-09-17 02:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-20 - Improper Input Validation
- Denial of Service (DoS)
Summary
An Improper Input Validation vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent attacker to cause a PFE crash and thereby a Denial of Service (DoS). An FPC will crash and reboot after receiving a specific transit IPv6 packet over MPLS. Continued receipt of this packet will create a sustained Denial of Service (DoS) condition. This issue does not affect systems configured for IPv4 only. This issue affects: Juniper Networks Junos OS All versions prior to 12.3R12-S21; 15.1 versions prior to 15.1R7-S10; 17.3 versions prior to 17.3R3-S12; 18.3 versions prior to 18.3R3-S6; 18.4 versions prior to 18.4R2-S9, 18.4R3-S9; 19.1 versions prior to 19.1R2-S3, 19.1R3-S7; 19.2 versions prior to 19.2R1-S7, 19.2R3-S3; 19.3 versions prior to 19.3R2-S7, 19.3R3-S4; 19.4 versions prior to 19.4R3-S5; 20.1 versions prior to 20.1R3; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R2-S2, 20.4R3; 21.1 versions prior to 21.1R2. Juniper Networks Junos OS Evolved All versions prior to 20.4R3-S3-EVO; 21.2 versions prior to 21.2R3-EVO; 21.3 versions prior to 21.3R2-S1-EVO, 21.3R3-EVO; 21.4 versions prior to 21.4R2-EVO.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ► | Juniper Networks | Junos OS |
Version: unspecified < 12.3R12-S21 Version: 15.1 < 15.1R7-S10 Version: 17.3 < 17.3R3-S12 Version: 18.3 < 18.3R3-S6 Version: 18.4 < 18.4R2-S9, 18.4R3-S9 Version: 19.1 < 19.1R2-S3, 19.1R3-S7 Version: 19.2 < 19.2R1-S7, 19.2R3-S3 Version: 19.3 < 19.3R2-S7, 19.3R3-S4 Version: 19.4 < 19.4R3-S5 Version: 20.1 < 20.1R3 Version: 20.2 < 20.2R3-S2 Version: 20.3 < 20.3R3 Version: 20.4 < 20.4R2-S2, 20.4R3 Version: 21.1 < 21.1R2 |
||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:07:50.211Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/JSA69718"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "12.3R12-S21",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "15.1R7-S10",
"status": "affected",
"version": "15.1",
"versionType": "custom"
},
{
"lessThan": "17.3R3-S12",
"status": "affected",
"version": "17.3",
"versionType": "custom"
},
{
"lessThan": "18.3R3-S6",
"status": "affected",
"version": "18.3",
"versionType": "custom"
},
{
"lessThan": "18.4R2-S9, 18.4R3-S9",
"status": "affected",
"version": "18.4",
"versionType": "custom"
},
{
"lessThan": "19.1R2-S3, 19.1R3-S7",
"status": "affected",
"version": "19.1",
"versionType": "custom"
},
{
"lessThan": "19.2R1-S7, 19.2R3-S3",
"status": "affected",
"version": "19.2",
"versionType": "custom"
},
{
"lessThan": "19.3R2-S7, 19.3R3-S4",
"status": "affected",
"version": "19.3",
"versionType": "custom"
},
{
"lessThan": "19.4R3-S5",
"status": "affected",
"version": "19.4",
"versionType": "custom"
},
{
"lessThan": "20.1R3",
"status": "affected",
"version": "20.1",
"versionType": "custom"
},
{
"lessThan": "20.2R3-S2",
"status": "affected",
"version": "20.2",
"versionType": "custom"
},
{
"lessThan": "20.3R3",
"status": "affected",
"version": "20.3",
"versionType": "custom"
},
{
"lessThan": "20.4R2-S2, 20.4R3",
"status": "affected",
"version": "20.4",
"versionType": "custom"
},
{
"lessThan": "21.1R2",
"status": "affected",
"version": "21.1",
"versionType": "custom"
}
]
},
{
"product": "Junos OS Evolved",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "20.4R3-S3-EVO",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "21.2R3-EVO",
"status": "affected",
"version": "21.2",
"versionType": "custom"
},
{
"lessThan": "21.3R2-S1-EVO, 21.3R3-EVO",
"status": "affected",
"version": "21.3",
"versionType": "custom"
},
{
"lessThan": "21.4R2-EVO",
"status": "affected",
"version": "21.4",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "For a device to be affected both of the following two lines of configuration need to be present on at least two revenue interfaces:\n\n [ interfaces \u003cinterface\u003e family mpls ]\n [ interfaces \u003cinterface\u003e family inet6 ]"
}
],
"datePublic": "2022-07-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An Improper Input Validation vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent attacker to cause a PFE crash and thereby a Denial of Service (DoS). An FPC will crash and reboot after receiving a specific transit IPv6 packet over MPLS. Continued receipt of this packet will create a sustained Denial of Service (DoS) condition. This issue does not affect systems configured for IPv4 only. This issue affects: Juniper Networks Junos OS All versions prior to 12.3R12-S21; 15.1 versions prior to 15.1R7-S10; 17.3 versions prior to 17.3R3-S12; 18.3 versions prior to 18.3R3-S6; 18.4 versions prior to 18.4R2-S9, 18.4R3-S9; 19.1 versions prior to 19.1R2-S3, 19.1R3-S7; 19.2 versions prior to 19.2R1-S7, 19.2R3-S3; 19.3 versions prior to 19.3R2-S7, 19.3R3-S4; 19.4 versions prior to 19.4R3-S5; 20.1 versions prior to 20.1R3; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R2-S2, 20.4R3; 21.1 versions prior to 21.1R2. Juniper Networks Junos OS Evolved All versions prior to 20.4R3-S3-EVO; 21.2 versions prior to 21.2R3-EVO; 21.3 versions prior to 21.3R2-S1-EVO, 21.3R3-EVO; 21.4 versions prior to 21.4R2-EVO."
}
],
"exploits": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"description": "Denial of Service (DoS)",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-20T14:15:29",
"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"shortName": "juniper"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/JSA69718"
}
],
"solutions": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: 12.3R12-S21, 15.1R7-S10, 17.3R3-S12, 18.3R3-S6, 18.4R2-S9, 18.4R3-S9, 19.1R2-S3, 19.1R3-S7, 19.2R1-S7, 19.2R3-S3, 19.3R2-S7, 19.3R3-S4, 19.4R3-S5, 20.1R3, 20.2R3-S2, 20.3R3, 20.4R2-S2, 20.4R3, 21.1R2, 21.2R1, and all subsequent releases.\nJunos OS Evolved: 20.4R3-S3-EVO, 21.2R3-EVO, 21.3R2-S1-EVO, 21.3R3-EVO, 21.4R2-EVO, 22.1R1-EVO, and all subsequent releases."
}
],
"source": {
"advisory": "JSA69718",
"defect": [
"1578481",
"1642721"
],
"discovery": "USER"
},
"title": "Junos OS and Junos OS Evolved: In an MPLS scenario upon receipt of a specific IPv6 packet an FPC will crash",
"workarounds": [
{
"lang": "en",
"value": "There are no viable workarounds for this issue."
}
],
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "sirt@juniper.net",
"DATE_PUBLIC": "2022-07-13T16:00:00.000Z",
"ID": "CVE-2022-22214",
"STATE": "PUBLIC",
"TITLE": "Junos OS and Junos OS Evolved: In an MPLS scenario upon receipt of a specific IPv6 packet an FPC will crash"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Junos OS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "12.3R12-S21"
},
{
"version_affected": "\u003c",
"version_name": "15.1",
"version_value": "15.1R7-S10"
},
{
"version_affected": "\u003c",
"version_name": "17.3",
"version_value": "17.3R3-S12"
},
{
"version_affected": "\u003c",
"version_name": "18.3",
"version_value": "18.3R3-S6"
},
{
"version_affected": "\u003c",
"version_name": "18.4",
"version_value": "18.4R2-S9, 18.4R3-S9"
},
{
"version_affected": "\u003c",
"version_name": "19.1",
"version_value": "19.1R2-S3, 19.1R3-S7"
},
{
"version_affected": "\u003c",
"version_name": "19.2",
"version_value": "19.2R1-S7, 19.2R3-S3"
},
{
"version_affected": "\u003c",
"version_name": "19.3",
"version_value": "19.3R2-S7, 19.3R3-S4"
},
{
"version_affected": "\u003c",
"version_name": "19.4",
"version_value": "19.4R3-S5"
},
{
"version_affected": "\u003c",
"version_name": "20.1",
"version_value": "20.1R3"
},
{
"version_affected": "\u003c",
"version_name": "20.2",
"version_value": "20.2R3-S2"
},
{
"version_affected": "\u003c",
"version_name": "20.3",
"version_value": "20.3R3"
},
{
"version_affected": "\u003c",
"version_name": "20.4",
"version_value": "20.4R2-S2, 20.4R3"
},
{
"version_affected": "\u003c",
"version_name": "21.1",
"version_value": "21.1R2"
}
]
}
},
{
"product_name": "Junos OS Evolved",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "20.4R3-S3-EVO"
},
{
"version_affected": "\u003c",
"version_name": "21.2",
"version_value": "21.2R3-EVO"
},
{
"version_affected": "\u003c",
"version_name": "21.3",
"version_value": "21.3R2-S1-EVO, 21.3R3-EVO"
},
{
"version_affected": "\u003c",
"version_name": "21.4",
"version_value": "21.4R2-EVO"
}
]
}
}
]
},
"vendor_name": "Juniper Networks"
}
]
}
},
"configuration": [
{
"lang": "en",
"value": "For a device to be affected both of the following two lines of configuration need to be present on at least two revenue interfaces:\n\n [ interfaces \u003cinterface\u003e family mpls ]\n [ interfaces \u003cinterface\u003e family inet6 ]"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Improper Input Validation vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent attacker to cause a PFE crash and thereby a Denial of Service (DoS). An FPC will crash and reboot after receiving a specific transit IPv6 packet over MPLS. Continued receipt of this packet will create a sustained Denial of Service (DoS) condition. This issue does not affect systems configured for IPv4 only. This issue affects: Juniper Networks Junos OS All versions prior to 12.3R12-S21; 15.1 versions prior to 15.1R7-S10; 17.3 versions prior to 17.3R3-S12; 18.3 versions prior to 18.3R3-S6; 18.4 versions prior to 18.4R2-S9, 18.4R3-S9; 19.1 versions prior to 19.1R2-S3, 19.1R3-S7; 19.2 versions prior to 19.2R1-S7, 19.2R3-S3; 19.3 versions prior to 19.3R2-S7, 19.3R3-S4; 19.4 versions prior to 19.4R3-S5; 20.1 versions prior to 20.1R3; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R2-S2, 20.4R3; 21.1 versions prior to 21.1R2. Juniper Networks Junos OS Evolved All versions prior to 20.4R3-S3-EVO; 21.2 versions prior to 21.2R3-EVO; 21.3 versions prior to 21.3R2-S1-EVO, 21.3R3-EVO; 21.4 versions prior to 21.4R2-EVO."
}
]
},
"exploit": [
{
"lang": "en",
"value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
}
],
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Denial of Service (DoS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA69718",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA69718"
}
]
},
"solution": [
{
"lang": "en",
"value": "The following software releases have been updated to resolve this specific issue: 12.3R12-S21, 15.1R7-S10, 17.3R3-S12, 18.3R3-S6, 18.4R2-S9, 18.4R3-S9, 19.1R2-S3, 19.1R3-S7, 19.2R1-S7, 19.2R3-S3, 19.3R2-S7, 19.3R3-S4, 19.4R3-S5, 20.1R3, 20.2R3-S2, 20.3R3, 20.4R2-S2, 20.4R3, 21.1R2, 21.2R1, and all subsequent releases.\nJunos OS Evolved: 20.4R3-S3-EVO, 21.2R3-EVO, 21.3R2-S1-EVO, 21.3R3-EVO, 21.4R2-EVO, 22.1R1-EVO, and all subsequent releases."
}
],
"source": {
"advisory": "JSA69718",
"defect": [
"1578481",
"1642721"
],
"discovery": "USER"
},
"work_around": [
{
"lang": "en",
"value": "There are no viable workarounds for this issue."
}
]
}
}
},
"cveMetadata": {
"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
"assignerShortName": "juniper",
"cveId": "CVE-2022-22214",
"datePublished": "2022-07-20T14:15:29.370417Z",
"dateReserved": "2021-12-21T00:00:00",
"dateUpdated": "2024-09-17T02:36:44.141Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…