CVE-2022-22203

Published Jul 20, 2022

Last updated 2 years ago

CVSS medium 6.5

Overview

Description: An Incorrect Comparison vulnerability in PFE of Juniper Networks Junos OS allows an adjacent unauthenticated attacker to cause a Denial of Service (DoS). On QFX5000 Series, and EX4600 and EX4650 platforms, the fxpc process will crash followed by the FPC reboot upon receipt of a specific hostbound packet. Continued receipt of these specific packets will create a sustained Denial of Service (DoS) condition. This issue only affects Juniper Networks Junos OS 19.4 version 19.4R3-S4.
Source: sirt@juniper.net
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 6.5
Impact score: 3.6
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: MEDIUM

Weaknesses

sirt@juniper.net: CWE-697

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:juniper:junos:19.4:r3-s4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A209EE6F-E676-4172-8FF3-4E03748DEB13"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D1BB20B5-EA30-4E8E-9055-2E629648436A"
          },
          {
            "criteria": "cpe:2.3:h:juniper:ex4650:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2B425BB1-3C78-42B1-A6C1-216E514191F0"
          },
          {
            "criteria": "cpe:2.3:h:juniper:qfx5100:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E974B4BC-64C5-4BB6-AF31-D46AF3763416"
          },
          {
            "criteria": "cpe:2.3:h:juniper:qfx5110:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "79A8847B-4F98-4949-8639-5CD2B411D10F"
          },
          {
            "criteria": "cpe:2.3:h:juniper:qfx5120:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "09EBDE4B-764F-4DF1-844A-BB8A52CD53EF"
          },
          {
            "criteria": "cpe:2.3:h:juniper:qfx5130:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "AB58A6E9-FFCF-4331-AC3B-45C37BD1943E"
          },
          {
            "criteria": "cpe:2.3:h:juniper:qfx5200:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "EDC5478F-A047-4F6D-BB11-0077A74C0174"
          },
          {
            "criteria": "cpe:2.3:h:juniper:qfx5210:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D877320D-1997-4B66-B11B-864020C755E1"
          },
          {
            "criteria": "cpe:2.3:h:juniper:qfx5220:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D193BEBD-9436-468D-B89E-D5720603451D"
          },
          {
            "criteria": "cpe:2.3:h:juniper:qfx5700:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C7D6C74F-E85F-4D62-BDAF-FE619B467C76"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References