CVE-2022-22235 – Junos OS: SRX Series: A flowd core will be observed when malformed GPRS traffic is processed
https://notcve.org/view.php?id=CVE-2022-22235
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based, attacker to cause Denial of Service (DoS). A PFE crash will happen when a GPRS Tunnel Protocol (GTP) packet is received with a malformed field in the IP header of GTP encapsulated General Packet Radio Services (GPRS) traffic. The packet needs to match existing state which is outside the attackers control, so the issue cannot be directly exploited. The issue will only be observed when endpoint address validation is enabled. This issue affects Juniper Networks Junos OS on SRX Series: 20.2 versions prior to 20.2R3-S5; 20.3 versions prior to 20.3R3-S4; 20.4 versions prior to 20.4R3-S3; 21.1 versions prior to 21.1R3-S2; 21.2 versions prior to 21.2R3-S1; 21.3 versions prior to 21.3R3; 21.4 versions prior to 21.4R1-S2, 21.4R2; 22.1 versions prior to 22.1R1-S1, 22.1R2. • https://kb.juniper.net/JSA69891 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVE-2022-22232 – SRX Series: If Unified Threat Management (UTM) Enhanced Content Filtering (CF) is enabled and specific traffic is processed the PFE will crash
https://notcve.org/view.php?id=CVE-2022-22232
A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). On SRX Series If Unified Threat Management (UTM) Enhanced Content Filtering (CF) is enabled and specific transit traffic is processed the PFE will crash and restart. This issue affects Juniper Networks Junos OS: 21.4 versions prior to 21.4R1-S2, 21.4R2 on SRX Series; 22.1 versions prior to 22.1R1-S1, 22.1R2 on SRX Series. This issue does not affect Juniper Networks Junos OS versions prior to 21.4R1. Una vulnerabilidad de Desreferencia de Puntero NULL en Packet Forwarding Engine del Juniper Networks Junos OS en la serie SRX permite a un atacante no autenticado basado en la red causar una Denegación de Servicio (DoS). • https://kb.juniper.net/JSA69886 • CWE-476: NULL Pointer Dereference •
CVE-2022-22231 – SRX Series: If UTM Enhanced Content Filtering and AntiVirus are enabled, and specific traffic is processed the PFE will crash
https://notcve.org/view.php?id=CVE-2022-22231
An Unchecked Return Value to NULL Pointer Dereference vulnerability in Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). On SRX Series if Unified Threat Management (UTM) Enhanced Content Filtering (CF) and AntiVirus (AV) are enabled together and the system processes specific valid transit traffic the Packet Forwarding Engine (PFE) will crash and restart. This issue affects Juniper Networks Junos OS 21.4 versions prior to 21.4R1-S2, 21.4R2 on SRX Series. This issue does not affect Juniper Networks Junos OS versions prior to 21.4R1. Una vulnerabilidad de Desreferencia de Valor de Retorno no Comprobado a puntero NULL en Packet Forwarding Engine (PFE) de Junos OS de Juniper Networks permite que un atacante no autenticado y basado en la red cause una Denegación de Servicio (DoS). • https://kb.juniper.net/JSA69885 • CWE-252: Unchecked Return Value CWE-690: Unchecked Return Value to NULL Pointer Dereference •
CVE-2022-22218 – Junos OS: SRX Series: Upon processing of a genuine packet the pkid process will crash during CMPv2 auto-re-enrollment
https://notcve.org/view.php?id=CVE-2022-22218
On SRX Series devices, an Improper Check for Unusual or Exceptional Conditions when using Certificate Management Protocol Version 2 (CMPv2) auto re-enrollment, allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS) by crashing the pkid process. The pkid process cannot handle an unexpected response from the Certificate Authority (CA) server, leading to crash. A restart is required to restore services. This issue affects: Juniper Networks Junos OS on SRX Series: All versions prior to 19.1R3-S9; 19.2 versions prior to 19.2R3-S6; 19.3 versions prior to 19.3R3-S7; 19.4 versions prior to 19.4R3-S9; 20.2 versions prior to 20.2R3-S5; 20.3 versions prior to 20.3R3-S4; 20.4 versions prior to 20.4R3-S4; 21.1 versions prior to 21.1R3-S1; 21.2 versions prior to 21.2R3; 21.3 versions prior to 21.3R2; 21.4 versions prior to 21.4R2. En los dispositivos de la serie SRX, una comprobación inadecuada de condiciones inusuales o excepcionales cuando se utiliza la reinscripción automática del Protocolo de gestión de certificados versión 2 (CMPv2), permite que un atacante no autenticado basado en la red provoque una denegación de servicio (DoS) al bloquear el proceso pkid. • https://kb.juniper.net/JSA69901 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVE-2022-22221 – Junos OS: SRX and EX Series: Local privilege escalation flaw in "download" functionality
https://notcve.org/view.php?id=CVE-2022-22221
An Improper Neutralization of Special Elements vulnerability in the download manager of Juniper Networks Junos OS on SRX Series and EX Series allows a locally authenticated attacker with low privileges to take full control over the device. One aspect of this vulnerability is that the attacker needs to be able to execute any of the "request ..." or "show system download ..." commands. This issue affects Juniper Networks Junos OS on SRX Series and EX Series: All versions prior to 19.2R1-S9, 19.2R3-S5; 19.3 versions prior to 19.3R3-S6; 19.4 versions prior to 19.4R3-S8; 20.1 versions prior to 20.1R3-S4; 20.2 versions prior to 20.2R3-S4; 20.3 versions prior to 20.3R3-S3; 20.4 versions prior to 20.4R3-S2, 20.4R3-S3; 21.1 versions prior to 21.1R3-S1; 21.2 versions prior to 21.2R2-S2, 21.2R3; 21.3 versions prior to 21.3R2, 21.3R3; 21.4 versions prior to 21.4R1-S1, 21.4R2. Una vulnerabilidad de Neutralización Inapropiada de Elementos Especiales en el administrador de descargas del Sistema Operativo Junos de Juniper Networks en las series SRX y EX permite a un atacante autenticado localmente con bajos privilegios tomar el control total del dispositivo. Uno de los aspectos de esta vulnerabilidad es que el atacante debe ser capaz de ejecutar cualquiera de los comandos "request ..." o "show system download ...". • https://kb.juniper.net/JSA69725 •