2023-04-24 12:24:31 +02:00
{
"id" : "CVE-2022-22170" ,
"sourceIdentifier" : "sirt@juniper.net" ,
"published" : "2022-01-19T01:15:09.080" ,
2024-11-23 15:12:23 +00:00
"lastModified" : "2024-11-21T06:46:18.477" ,
"vulnStatus" : "Modified" ,
2024-12-08 03:06:42 +00:00
"cveTags" : [ ] ,
2023-04-24 12:24:31 +02:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "A Missing Release of Resource after Effective Lifetime vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause a Denial of Service (DoS) by sending specific packets over VXLAN which cause heap memory to leak and on exhaustion the PFE to reset. The heap memory utilization can be monitored with the command: user@host> show chassis fpc This issue affects: Juniper Networks Junos OS 19.4 versions prior to 19.4R2-S6, 19.4R3-S6; 20.1 versions prior to 20.1R3-S2; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R2. This issue does not affect versions of Junos OS prior to 19.4R1."
} ,
{
"lang" : "es" ,
"value" : "Una vulnerabilidad de Falta de Liberaci\u00f3n de Recursos Despu\u00e9s del Tiempo de Vida Efectivo en el Motor de Reenv\u00edo de Paquetes (PFE) del Sistema Operativo Junos de Juniper Networks permite a un atacante no autenticado en red causar una denegaci\u00f3n de servicio (DoS) mediante el env\u00edo de paquetes espec\u00edficos a trav\u00e9s de VXLAN que causan una p\u00e9rdida de memoria de la pila y, al agotarse, el PFE es reiniciado. El uso de la memoria de la pila puede supervisarse con el comando: user@host) show chassis fpc Este problema afecta a: Juniper Networks Junos OS 19.4 versiones anteriores a 19.4R2-S6, 19.4R3-S6; 20.1 versiones anteriores a 20.1R3-S2; versiones 20.2 anteriores a 20.2R3-S3; versiones 20.3 anteriores a 20.3R3-S1; versiones 20.4 anteriores a 20.4R3; versiones 21.1 anteriores a 21.1R3; versiones 21.2 anteriores a 21.2R2. Este problema no afecta a Junos OS versiones anteriores a 19.4R1"
}
] ,
"metrics" : {
"cvssMetricV31" : [
{
2024-11-23 15:12:23 +00:00
"source" : "sirt@juniper.net" ,
"type" : "Secondary" ,
2023-04-24 12:24:31 +02:00
"cvssData" : {
"version" : "3.1" ,
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" ,
2024-11-23 15:12:23 +00:00
"baseScore" : 7.5 ,
"baseSeverity" : "HIGH" ,
2023-04-24 12:24:31 +02:00
"attackVector" : "NETWORK" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "NONE" ,
"userInteraction" : "NONE" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "NONE" ,
"integrityImpact" : "NONE" ,
2024-11-23 15:12:23 +00:00
"availabilityImpact" : "HIGH"
2023-04-24 12:24:31 +02:00
} ,
"exploitabilityScore" : 3.9 ,
"impactScore" : 3.6
} ,
{
2024-11-23 15:12:23 +00:00
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
2023-04-24 12:24:31 +02:00
"cvssData" : {
"version" : "3.1" ,
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" ,
2024-11-23 15:12:23 +00:00
"baseScore" : 7.5 ,
"baseSeverity" : "HIGH" ,
2023-04-24 12:24:31 +02:00
"attackVector" : "NETWORK" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "NONE" ,
"userInteraction" : "NONE" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "NONE" ,
"integrityImpact" : "NONE" ,
2024-11-23 15:12:23 +00:00
"availabilityImpact" : "HIGH"
2023-04-24 12:24:31 +02:00
} ,
"exploitabilityScore" : 3.9 ,
"impactScore" : 3.6
}
] ,
"cvssMetricV2" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "2.0" ,
"vectorString" : "AV:N/AC:L/Au:N/C:N/I:N/A:P" ,
2024-11-23 15:12:23 +00:00
"baseScore" : 5.0 ,
2023-04-24 12:24:31 +02:00
"accessVector" : "NETWORK" ,
"accessComplexity" : "LOW" ,
"authentication" : "NONE" ,
"confidentialityImpact" : "NONE" ,
"integrityImpact" : "NONE" ,
2024-11-23 15:12:23 +00:00
"availabilityImpact" : "PARTIAL"
2023-04-24 12:24:31 +02:00
} ,
"baseSeverity" : "MEDIUM" ,
"exploitabilityScore" : 10.0 ,
"impactScore" : 2.9 ,
"acInsufInfo" : false ,
"obtainAllPrivilege" : false ,
"obtainUserPrivilege" : false ,
"obtainOtherPrivilege" : false ,
"userInteractionRequired" : false
}
]
} ,
"weaknesses" : [
{
"source" : "sirt@juniper.net" ,
2024-12-15 03:03:56 +00:00
"type" : "Primary" ,
2023-04-24 12:24:31 +02:00
"description" : [
{
"lang" : "en" ,
"value" : "CWE-772"
}
]
}
] ,
"configurations" : [
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:19.4:r1:*:*:*:*:*:*" ,
"matchCriteriaId" : "DC743EE4-8833-452A-94DB-655BF139F883"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:19.4:r1-s1:*:*:*:*:*:*" ,
"matchCriteriaId" : "FE96A8EA-FFE3-4D8F-9266-21899149D634"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:19.4:r1-s2:*:*:*:*:*:*" ,
"matchCriteriaId" : "C12A75C6-2D00-4202-B861-00FF71585FA0"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:19.4:r1-s3:*:*:*:*:*:*" ,
"matchCriteriaId" : "70FF3DD4-14CB-435D-8529-0480EB853F60"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:19.4:r1-s4:*:*:*:*:*:*" ,
"matchCriteriaId" : "84429093-AB3C-4C05-B8FA-87D94091820F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:19.4:r2:*:*:*:*:*:*" ,
"matchCriteriaId" : "4DCFA774-96EF-4018-82CF-95C807025C24"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:19.4:r2-s1:*:*:*:*:*:*" ,
"matchCriteriaId" : "76022948-4B07-43CB-824C-44E1AB3537CB"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:19.4:r2-s2:*:*:*:*:*:*" ,
"matchCriteriaId" : "25446F60-5CB9-4923-BCE8-609AE3CFDFBC"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:19.4:r2-s3:*:*:*:*:*:*" ,
"matchCriteriaId" : "A23E5CEA-EFF5-4641-BC47-BA2D0859F0EE"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:19.4:r2-s4:*:*:*:*:*:*" ,
"matchCriteriaId" : "760E2418-B945-4467-BDAC-7702DDF4C4EE"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:19.4:r2-s5:*:*:*:*:*:*" ,
"matchCriteriaId" : "98097AB6-56CB-42E4-96B4-ABBD4F36553C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:19.4:r3:*:*:*:*:*:*" ,
"matchCriteriaId" : "758275F3-9457-45A2-8F57-65DCD659FC1B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:19.4:r3-s1:*:*:*:*:*:*" ,
"matchCriteriaId" : "B46CB928-78B5-4D60-B747-9A0988C7060D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:19.4:r3-s2:*:*:*:*:*:*" ,
"matchCriteriaId" : "ED73BF1A-96E4-49F1-A6AA-7B29DAA6C112"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:19.4:r3-s3:*:*:*:*:*:*" ,
"matchCriteriaId" : "0886EFA6-47E3-4C1D-A278-D3891A487FED"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:19.4:r3-s4:*:*:*:*:*:*" ,
"matchCriteriaId" : "A209EE6F-E676-4172-8FF3-4E03748DEB13"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:19.4:r3-s5:*:*:*:*:*:*" ,
"matchCriteriaId" : "EC395200-9A69-468A-8461-D2219B34AA0E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:19.4:r3-s6:*:*:*:*:*:*" ,
"matchCriteriaId" : "08584FCD-4593-4590-A988-C862295E618A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:20.1:r1:*:*:*:*:*:*" ,
"matchCriteriaId" : "8328FDE6-9707-4142-B905-3B07C0E28E35"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:20.1:r1-s1:*:*:*:*:*:*" ,
"matchCriteriaId" : "41CD982F-E6F2-4951-9F96-A76C142DF08E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:20.1:r1-s2:*:*:*:*:*:*" ,
"matchCriteriaId" : "19FDC05F-5582-4F7E-B628-E58A3C0E7F2F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:20.1:r1-s3:*:*:*:*:*:*" ,
"matchCriteriaId" : "401306D1-E9CE-49C6-8DC9-0E8747B9DC2C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:20.1:r1-s4:*:*:*:*:*:*" ,
"matchCriteriaId" : "615EAF48-AD53-4CC2-B233-5EA5C0F72CB1"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:20.1:r2:*:*:*:*:*:*" ,
"matchCriteriaId" : "DC8E7547-6649-436D-BC45-184417680C72"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:20.1:r2-s1:*:*:*:*:*:*" ,
"matchCriteriaId" : "D9789FF8-D55C-4AF9-A250-E543A0EB826F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:20.1:r2-s2:*:*:*:*:*:*" ,
"matchCriteriaId" : "5C238EB1-5A38-4877-8849-4A6D36918B3F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:20.1:r3:*:*:*:*:*:*" ,
"matchCriteriaId" : "C21638A9-6AD8-4347-AA3F-64BC7BD71C0D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:20.1:r3-s1:*:*:*:*:*:*" ,
"matchCriteriaId" : "D621DB7F-BC6B-4A07-8803-596B3ED11CF2"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:20.1:r3-s2:*:*:*:*:*:*" ,
"matchCriteriaId" : "A5620596-4DEE-41D7-A63F-224D814DAA77"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:20.2:r1:*:*:*:*:*:*" ,
"matchCriteriaId" : "CD07B7E2-F5C2-4610-9133-FDA9E66DFF4F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:20.2:r1-s1:*:*:*:*:*:*" ,
"matchCriteriaId" : "D3C23AEB-34DE-44FB-8D64-E69D6E8B7401"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:20.2:r1-s2:*:*:*:*:*:*" ,
"matchCriteriaId" : "18DB9401-5A51-4BB3-AC2F-58F58F1C788C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:20.2:r1-s3:*:*:*:*:*:*" ,
"matchCriteriaId" : "06F53DA5-59AE-403C-9B1E-41CE267D8BB1"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:20.2:r2:*:*:*:*:*:*" ,
"matchCriteriaId" : "3332262F-81DA-4D78-99C9-514CADA46611"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:20.2:r2-s1:*:*:*:*:*:*" ,
"matchCriteriaId" : "B46B63A2-1518-4A29-940C-F05624C9658D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:20.2:r2-s2:*:*:*:*:*:*" ,
"matchCriteriaId" : "8E0D4959-3865-42A7-98CD-1103EBD84528"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:20.2:r2-s3:*:*:*:*:*:*" ,
"matchCriteriaId" : "3A58292B-814C-49E7-8D6D-BE26EFB9ADDF"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:20.2:r3:*:*:*:*:*:*" ,
"matchCriteriaId" : "681AE183-7183-46E7-82EA-28C398FA1C3D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:20.2:r3-s1:*:*:*:*:*:*" ,
"matchCriteriaId" : "8A6E9627-8BF1-4BE8-844B-EE8F1C9478F0"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:20.2:r3-s2:*:*:*:*:*:*" ,
"matchCriteriaId" : "0A80F23B-CD13-4745-BA92-67C23B297A18"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:20.3:r1:*:*:*:*:*:*" ,
"matchCriteriaId" : "5C9BC697-C7C9-447D-9EBD-E9711462583E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:20.3:r1-s1:*:*:*:*:*:*" ,
"matchCriteriaId" : "7B80433B-57B1-49EF-B1A1-83781D6102E3"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:20.3:r2:*:*:*:*:*:*" ,
"matchCriteriaId" : "05D8427C-CDDE-4B2F-9CB8-41B9137660E4"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:20.3:r2-s1:*:*:*:*:*:*" ,
"matchCriteriaId" : "F3DC01F2-6DFE-4A8E-9962-5E59AA965935"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:20.3:r3:*:*:*:*:*:*" ,
"matchCriteriaId" : "7DA0E196-925E-4056-B411-E158702D5D4F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:20.3:r3-s1:*:*:*:*:*:*" ,
"matchCriteriaId" : "E33A522F-E35C-4473-9CBD-9C6E5A831086"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:*" ,
"matchCriteriaId" : "20DDC6B7-BFC4-4F0B-8E68-442C23765BF2"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:*" ,
"matchCriteriaId" : "037BA01C-3F5C-4503-A633-71765E9EF774"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:20.4:r2:*:*:*:*:*:*" ,
"matchCriteriaId" : "C54B047C-4B38-40C0-9855-067DCF7E48BD"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:20.4:r2-s1:*:*:*:*:*:*" ,
"matchCriteriaId" : "38984199-E332-4A9C-A4C0-78083D052E15"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:20.4:r2-s2:*:*:*:*:*:*" ,
"matchCriteriaId" : "AA6526FB-2941-4D18-9B2E-472AD5A62A53"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:20.4:r3:*:*:*:*:*:*" ,
"matchCriteriaId" : "09876787-A40A-4340-9C12-8628C325353B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:21.1:r1:*:*:*:*:*:*" ,
"matchCriteriaId" : "625BA7E6-D2AD-4A48-9B94-24328BE5B06A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:21.1:r1-s1:*:*:*:*:*:*" ,
"matchCriteriaId" : "F462F4E3-762C-429F-8D25-5521100DD37C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:21.1:r2:*:*:*:*:*:*" ,
"matchCriteriaId" : "C0BC9DAC-D6B5-4C5E-8C73-6E550D9A30F5"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:21.1:r2-s1:*:*:*:*:*:*" ,
"matchCriteriaId" : "689FE1AE-7A85-4FB6-AB02-E732F23581B6"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*" ,
"matchCriteriaId" : "A52AF794-B36B-43A6-82E9-628658624B0A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*" ,
"matchCriteriaId" : "3998DC76-F72F-4452-9150-652140B113EB"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:juniper:junos:21.3:r1:*:*:*:*:*:*" ,
"matchCriteriaId" : "CC78A4CB-D617-43FC-BB51-287D2D0C44ED"
}
]
}
]
}
] ,
"references" : [
{
"url" : "https://kb.juniper.net/JSA11277" ,
"source" : "sirt@juniper.net" ,
"tags" : [
"Vendor Advisory"
]
2024-11-23 15:12:23 +00:00
} ,
{
"url" : "https://kb.juniper.net/JSA11277" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Vendor Advisory"
]
2023-04-24 12:24:31 +02:00
}
]
}
