CVE-2022-22228

Published Oct 18, 2022

Last updated 2 years ago

CVSS high 7.5

Overview

Description: An Improper Validation of Specified Type of Input vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS allows an attacker to cause an RPD memory leak leading to a Denial of Service (DoS). This memory leak only occurs when the attacker's packets are destined to any configured IPv6 address on the device. This issue affects: Juniper Networks Junos OS 21.1 versions prior to 21.1R3-S2; 21.2 versions prior to 21.2R3-S1; 21.3 versions prior to 21.3R3; 21.4 versions prior to 21.4R2; 22.1 versions prior to 22.1R2. This issue does not affect Juniper Networks Junos OS versions prior to 21.1R1.
Source: sirt@juniper.net
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: HIGH

Weaknesses

nvd@nist.gov: CWE-20
sirt@juniper.net: CWE-1287

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.1:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6FDB5B7D-FB37-47E3-8678-B9ED578CCA5F"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.1:r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "625BA7E6-D2AD-4A48-9B94-24328BE5B06A"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.1:r1-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F462F4E3-762C-429F-8D25-5521100DD37C"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.1:r2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C0BC9DAC-D6B5-4C5E-8C73-6E550D9A30F5"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.1:r2-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "689FE1AE-7A85-4FB6-AB02-E732F23581B6"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.1:r2-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "79E56DAC-75AD-4C81-9835-634B40C15DA6"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.1:r3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A0040FE2-7ECD-4755-96CE-E899BA298E0C"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "076AB086-BB79-4583-AAF7-A5233DFB2F95"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "216E7DDE-453D-481F-92E2-9F8466CDDA3F"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A52AF794-B36B-43A6-82E9-628658624B0A"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3998DC76-F72F-4452-9150-652140B113EB"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "36ED4552-2420-45F9-B6E4-6DA2B2B12870"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.2:r2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C28A14E7-7EA0-4757-9764-E39A27CFDFA5"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4A43752D-A4AF-4B4E-B95B-192E42883A5B"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "42986538-E9D0-4C2E-B1C4-A763A4EE451B"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.2:r3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DE22CA01-EA7E-4EE5-B59F-EE100688C1DA"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.3:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2E7D597D-F6B6-44C3-9EBC-4FA0686ACB5C"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.3:r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CC78A4CB-D617-43FC-BB51-287D2D0C44ED"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.3:r1-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "30FF67F8-1E3C-47A8-8859-709B3614BA6E"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.3:r1-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0C7C507E-C85E-4BC6-A3B0-549516BAB524"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.3:r2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6514CDE8-35DC-469F-89A3-078684D18F7A"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.3:r2-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4624565D-8F59-44A8-B7A8-01AD579745E7"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.3:r2-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4BF8CD82-C338-4D9A-8C98-FCB3CEAA9227"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "79ED3CE8-CC57-43AB-9A26-BBC87816062D"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4310D2D9-A8A6-48F8-9384-0A0692A1E1C3"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9962B01C-C57C-4359-9532-676AB81CE8B0"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "62178549-B679-4902-BFDB-2993803B7FCE"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.1:r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3F96EBE9-2532-4E35-ABA5-CA68830476A4"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B4D936AE-FD74-4823-A824-2D9F24C25BFB"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References