admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2022/CVE-2022-222xx/CVE-2022-22213.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

327 lines
14 KiB
JSON
Raw Blame History

{
"id": "CVE-2022-22213",
"sourceIdentifier": "sirt@juniper.net",
"published": "2022-07-20T15:15:08.827",
"lastModified": "2024-11-21T06:46:24.350",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Handling of Undefined Values in the routing protocol daemon (RPD) process of Juniper Networks Junos OS and Junos OS Evolved may allow an unauthenticated network-based attacker to crash the RPD process by sending a specific BGP update while the system is under heavy load, leading to a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. Malicious exploitation of this issue requires a very specific combination of load, timing, and configuration of the vulnerable system which is beyond the direct control of the attacker. Internal reproduction has only been possible through artificially created load and specially instrumented source code. Systems are only vulnerable to this issue if BGP multipath is enabled. Routers not configured for BGP multipath are not vulnerable to this issue. This issue affects: Juniper Networks Junos OS: 21.1 versions prior to 21.1R3-S1; 21.2 versions prior to 21.2R2-S2, 21.2R3; 21.3 versions prior to 21.3R2, 21.3R3; 21.4 versions prior to 21.4R1-S1, 21.4R2. Juniper Networks Junos OS Evolved: 21.1 versions prior to 21.1R3-S1-EVO; 21.2 version 21.2R1-EVO and later versions; 21.3 versions prior to 21.3R3-EVO; 21.4 versions prior to 21.4R1-S1-EVO, 21.4R2-EVO. This issue does not affect: Juniper Networks Junos OS versions prior to 21.1. Juniper Networks Junos OS Evolved versions prior to 21.1-EVO."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el manejo de valores no definidos en el proceso del demonio del protocolo de enrutamiento (RPD) de Juniper Networks Junos OS y Junos OS Evolved puede permitir a un atacante no autenticado basado en la red bloquear el proceso RPD enviando una actualizaci\u00f3n BGP espec\u00edfica mientras el sistema est\u00e1 bajo una gran carga, conllevando a una Denegaci\u00f3n de Servicio (DoS). La recepci\u00f3n y el procesamiento continuado de este paquete crear\u00e1 una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS) sostenida. La explotaci\u00f3n maliciosa de este problema requiere una combinaci\u00f3n muy espec\u00edfica de carga, tiempo y configuraci\u00f3n del sistema vulnerable que est\u00e1 fuera del control directo del atacante. La reproducci\u00f3n interna s\u00f3lo ha sido posible mediante una carga creada artificialmente y un c\u00f3digo fuente especialmente instrumentado. Los sistemas s\u00f3lo son vulnerables a este problema si BGP multipath est\u00e1 habilitado. Los routers no configurados para BGP multipath no son vulnerables a este problema. Este problema afecta a: Juniper Networks Junos OS: Versiones 21.1 anteriores a 21.1R3-S1; versiones 21.2 anteriores a 21.2R2-S2, 21.2R3; versiones 21.3 anteriores a 21.3R2, 21.3R3; versiones 21.4 anteriores a 21.4R1-S1, 21.4R2. Juniper Networks Junos OS Evolved: versiones 21.1 anteriores a 21.1R3-S1-EVO; versiones 21.2 21.2R1-EVO y posteriores; versiones 21.3 anteriores a 21.3R3-EVO; versiones 21.4 anteriores a 21.4R1-S1-EVO, 21.4R2-EVO. Este problema no afecta a: Las versiones del Sistema Operativo Junos de Juniper Networks anteriores a 21.1. Las versiones del Sistema Operativo Junos Evolved de Juniper Networks anteriores a 21.1-EVO"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "sirt@juniper.net",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "sirt@juniper.net",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-232"
}
]
},
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:-:*:*:*:*:*:*",
"matchCriteriaId": "6FDB5B7D-FB37-47E3-8678-B9ED578CCA5F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "625BA7E6-D2AD-4A48-9B94-24328BE5B06A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "F462F4E3-762C-429F-8D25-5521100DD37C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "C0BC9DAC-D6B5-4C5E-8C73-6E550D9A30F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "689FE1AE-7A85-4FB6-AB02-E732F23581B6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "79E56DAC-75AD-4C81-9835-634B40C15DA6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.1:r3:*:*:*:*:*:*",
"matchCriteriaId": "A0040FE2-7ECD-4755-96CE-E899BA298E0C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*",
"matchCriteriaId": "216E7DDE-453D-481F-92E2-9F8466CDDA3F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "A52AF794-B36B-43A6-82E9-628658624B0A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "3998DC76-F72F-4452-9150-652140B113EB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "36ED4552-2420-45F9-B6E4-6DA2B2B12870"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "C28A14E7-7EA0-4757-9764-E39A27CFDFA5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "4A43752D-A4AF-4B4E-B95B-192E42883A5B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "42986538-E9D0-4C2E-B1C4-A763A4EE451B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:-:*:*:*:*:*:*",
"matchCriteriaId": "2E7D597D-F6B6-44C3-9EBC-4FA0686ACB5C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "CC78A4CB-D617-43FC-BB51-287D2D0C44ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "30FF67F8-1E3C-47A8-8859-709B3614BA6E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "0C7C507E-C85E-4BC6-A3B0-549516BAB524"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.3:r2:*:*:*:*:*:*",
"matchCriteriaId": "6514CDE8-35DC-469F-89A3-078684D18F7A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*",
"matchCriteriaId": "79ED3CE8-CC57-43AB-9A26-BBC87816062D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "4310D2D9-A8A6-48F8-9384-0A0692A1E1C3"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "9962B01C-C57C-4359-9532-676AB81CE8B0"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.1:-:*:*:*:*:*:*",
"matchCriteriaId": "52C3552E-798F-4719-B38D-F74E34EAAA40"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.1:r1:*:*:*:*:*:*",
"matchCriteriaId": "AE674DD3-3590-4434-B144-5AD7EB5F039D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.1:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "0099BDA9-9D4B-4D6C-8234-EFD9E8C63476"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.1:r2:*:*:*:*:*:*",
"matchCriteriaId": "D8729BC1-FB09-4E6D-A5D5-8BDC589555B6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.1:r3:*:*:*:*:*:*",
"matchCriteriaId": "9D72C3DF-4513-48AC-AAED-C1AADF0794E1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:-:*:*:*:*:*:*",
"matchCriteriaId": "620B0CDD-5566-472E-B96A-31D2C12E3120"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r1:*:*:*:*:*:*",
"matchCriteriaId": "3EA3DC63-B290-4D15-BEF9-21DEF36CA2EA"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "7E1E57AF-979B-4022-8AD6-B3558E06B718"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r1-s2:*:*:*:*:*:*",
"matchCriteriaId": "144730FB-7622-4B3D-9C47-D1B7A7FB7EB0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r2:*:*:*:*:*:*",
"matchCriteriaId": "7BA246F0-154E-4F44-A97B-690D22FA73DD"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r2-s1:*:*:*:*:*:*",
"matchCriteriaId": "25D6C07C-F96E-4523-BB54-7FEABFE1D1ED"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r2-s2:*:*:*:*:*:*",
"matchCriteriaId": "2B70C784-534B-4FAA-A5ED-3709656E2B97"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r3:*:*:*:*:*:*",
"matchCriteriaId": "60448FFB-568E-4280-9261-ADD65244F31A"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.3:-:*:*:*:*:*:*",
"matchCriteriaId": "4EC38173-44AB-43D5-8C27-CB43AD5E0B2E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.3:r1:*:*:*:*:*:*",
"matchCriteriaId": "5A4DD04A-DE52-46BE-8C34-8DB47F7500F0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.3:r1-s1:*:*:*:*:*:*",
"matchCriteriaId": "FEE0E145-8E1C-446E-90ED-237E3B9CAF47"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.3:r2:*:*:*:*:*:*",
"matchCriteriaId": "0F26369D-21B2-4C6A-98C1-492692A61283"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:-:*:*:*:*:*:*",
"matchCriteriaId": "2E907193-075E-45BC-9257-9607DB790D71"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r1:*:*:*:*:*:*",
"matchCriteriaId": "8B73A41D-3FF5-4E53-83FF-74DF58E0D6C3"
}
]
}
]
}
],
"references": [
{
"url": "https://kb.juniper.net/JSA69717",
"source": "sirt@juniper.net",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://kb.juniper.net/JSA69717",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink