CVE-2022-22201

Published Oct 18, 2022
Last updated 2 years ago
CVSS high 7.5
Overview

Description: An Improper Validation of Specified Index, Position, or Offset in Input vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated network-based attacker to cause a Denial of Service (DoS). On SRX5000 Series with SPC3, SRX4000 Series, and vSRX, when PowerMode IPsec is configured and a malformed ESP packet matching an established IPsec tunnel is received the PFE crashes. This issue affects Juniper Networks Junos OS on SRX5000 Series with SPC3, SRX4000 Series, and vSRX: All versions prior to 19.4R2-S6, 19.4R3-S7; 20.1 versions prior to 20.1R3-S3; 20.2 versions prior to 20.2R3-S4; 20.3 versions prior to 20.3R3-S3; 20.4 versions prior to 20.4R3-S2; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R3; 21.3 versions prior to 21.3R1-S2, 21.3R2.
Source: sirt@juniper.net
NVD status: Analyzed
Risk scores

CVSS 3.1

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: HIGH
Weaknesses

nvd@nist.gov: CWE-20
sirt@juniper.net: CWE-1285
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BEF1C9AB-1107-4A26-BB84-BDD72B4E6564",
            "versionEndExcluding": "19.4"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:19.4:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9B342307-98CF-45C9-9F08-5EB06C679B79"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:19.4:r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DC743EE4-8833-452A-94DB-655BF139F883"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:19.4:r1-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FE96A8EA-FFE3-4D8F-9266-21899149D634"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:19.4:r1-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C12A75C6-2D00-4202-B861-00FF71585FA0"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:19.4:r1-s3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "70FF3DD4-14CB-435D-8529-0480EB853F60"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:19.4:r1-s4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "84429093-AB3C-4C05-B8FA-87D94091820F"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:19.4:r2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4DCFA774-96EF-4018-82CF-95C807025C24"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:19.4:r2-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "76022948-4B07-43CB-824C-44E1AB3537CB"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:19.4:r2-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "25446F60-5CB9-4923-BCE8-609AE3CFDFBC"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:19.4:r2-s3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A23E5CEA-EFF5-4641-BC47-BA2D0859F0EE"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:19.4:r2-s4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "760E2418-B945-4467-BDAC-7702DDF4C4EE"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:19.4:r2-s5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "98097AB6-56CB-42E4-96B4-ABBD4F36553C"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:19.4:r3-s7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1BF7792C-51FF-4C6E-B5E7-F87738FE4B35"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:20.1:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "19EAC3C9-D800-436F-8FEA-8BDFB5A9BD24"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:20.1:r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8328FDE6-9707-4142-B905-3B07C0E28E35"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "41CD982F-E6F2-4951-9F96-A76C142DF08E"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "19FDC05F-5582-4F7E-B628-E58A3C0E7F2F"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "401306D1-E9CE-49C6-8DC9-0E8747B9DC2C"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "615EAF48-AD53-4CC2-B233-5EA5C0F72CB1"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:20.1:r2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DC8E7547-6649-436D-BC45-184417680C72"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:20.1:r2-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D9789FF8-D55C-4AF9-A250-E543A0EB826F"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:20.1:r2-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5C238EB1-5A38-4877-8849-4A6D36918B3F"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:20.1:r3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C21638A9-6AD8-4347-AA3F-64BC7BD71C0D"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:20.1:r3-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D621DB7F-BC6B-4A07-8803-596B3ED11CF2"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:20.1:r3-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A5620596-4DEE-41D7-A63F-224D814DAA77"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:20.2:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D4CF52CF-F911-4615-9171-42F84429149F"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:20.2:r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CD07B7E2-F5C2-4610-9133-FDA9E66DFF4F"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D3C23AEB-34DE-44FB-8D64-E69D6E8B7401"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "18DB9401-5A51-4BB3-AC2F-58F58F1C788C"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "06F53DA5-59AE-403C-9B1E-41CE267D8BB1"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:20.2:r2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3332262F-81DA-4D78-99C9-514CADA46611"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:20.2:r2-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B46B63A2-1518-4A29-940C-F05624C9658D"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:20.2:r2-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8E0D4959-3865-42A7-98CD-1103EBD84528"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:20.2:r2-s3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3A58292B-814C-49E7-8D6D-BE26EFB9ADDF"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:20.2:r3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "681AE183-7183-46E7-82EA-28C398FA1C3D"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:20.2:r3-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8A6E9627-8BF1-4BE8-844B-EE8F1C9478F0"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:20.2:r3-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0A80F23B-CD13-4745-BA92-67C23B297A18"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:20.2:r3-s3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "67D4004B-1233-4258-9C7A-F05189146B44"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:20.3:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "03009CC1-21AC-4A46-A747-D0C67FCD41DA"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:20.3:r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5C9BC697-C7C9-447D-9EBD-E9711462583E"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:20.3:r1-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7B80433B-57B1-49EF-B1A1-83781D6102E3"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:20.3:r1-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A352BB7A-6F17-4E64-BC02-1A7E4CD42653"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:20.3:r2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "05D8427C-CDDE-4B2F-9CB8-41B9137660E4"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:20.3:r2-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F3DC01F2-6DFE-4A8E-9962-5E59AA965935"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:20.3:r3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7DA0E196-925E-4056-B411-E158702D5D4F"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:20.3:r3-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E33A522F-E35C-4473-9CBD-9C6E5A831086"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:20.3:r3-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E9AE26EB-699B-4B10-87E2-9E731B820F32"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:20.4:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3D361B23-A3C2-444B-BEB8-E231DA950567"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "20DDC6B7-BFC4-4F0B-8E68-442C23765BF2"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "037BA01C-3F5C-4503-A633-71765E9EF774"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:20.4:r2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C54B047C-4B38-40C0-9855-067DCF7E48BD"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:20.4:r2-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "38984199-E332-4A9C-A4C0-78083D052E15"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:20.4:r2-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AA6526FB-2941-4D18-9B2E-472AD5A62A53"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:20.4:r3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "09876787-A40A-4340-9C12-8628C325353B"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "41615104-C17E-44DA-AB0D-6E2053BD4EF4"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.1:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6FDB5B7D-FB37-47E3-8678-B9ED578CCA5F"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.1:r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "625BA7E6-D2AD-4A48-9B94-24328BE5B06A"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.1:r1-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F462F4E3-762C-429F-8D25-5521100DD37C"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.1:r2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C0BC9DAC-D6B5-4C5E-8C73-6E550D9A30F5"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.1:r2-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "689FE1AE-7A85-4FB6-AB02-E732F23581B6"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.1:r2-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "79E56DAC-75AD-4C81-9835-634B40C15DA6"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "216E7DDE-453D-481F-92E2-9F8466CDDA3F"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A52AF794-B36B-43A6-82E9-628658624B0A"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3998DC76-F72F-4452-9150-652140B113EB"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "36ED4552-2420-45F9-B6E4-6DA2B2B12870"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.2:r2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C28A14E7-7EA0-4757-9764-E39A27CFDFA5"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.3:r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CC78A4CB-D617-43FC-BB51-287D2D0C44ED"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.3:r1-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "30FF67F8-1E3C-47A8-8859-709B3614BA6E"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.3:r2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6514CDE8-35DC-469F-89A3-078684D18F7A"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:juniper:srx4000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "06A03463-6B1D-4DBA-9E89-CAD5E899B98B"
          },
          {
            "criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7"
          },
          {
            "criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9"
          },
          {
            "criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA"
          },
          {
            "criteria": "cpe:2.3:h:juniper:srx5000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "5ABA347C-3EF3-4F75-B4D1-54590A57C2BC"
          },
          {
            "criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1"
          },
          {
            "criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710"
          },
          {
            "criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B"
          },
          {
            "criteria": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8B10DFCE-5331-4D79-8D9F-EF84743493D3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]
Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References
