CVE-2022-22193
Junos OS and Junos OS Evolved: In a BGP rib-sharding scenario when a certain CLI command is executed the rpd process might crash
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
An Improper Handling of Unexpected Data Type vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). Continued execution of this command might cause a sustained Denial of Service condition. If BGP rib sharding is configured and a certain CLI command is executed the rpd process can crash. During the rpd crash and restart, the routing protocols might be impacted and traffic disruption might be seen due to the loss of routing information. This issue affects: Juniper Networks Junos OS 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R2. Juniper Networks Junos OS Evolved 20.4 versions prior to 20.4R3-EVO; 21.1 versions prior to 21.1R3-EVO; 21.2 versions prior to 21.2R2-EVO. This issue does not affect: Juniper Networks Junos OS versions prior to 20.3R1. Juniper Networks Junos OS Evolved versions prior to 20.3R1-EVO.
Una vulnerabilidad de Manejo Inapropiado de Tipos de Datos no Esperados en el Demonio de Protocolo de Enrutamiento (rpd) de Juniper Networks Junos OS y Junos OS Evolved permite que un atacante autenticado localmente con privilegios bajos cause una Denegación de Servicio (DoS). La ejecución continuada de este comando podría causar una condición de denegación de servicio sostenida. Si es configurado una fragmentación de costillas BGP y es ejecutado un determinado comando CLI, el proceso rpd puede bloquearse. Durante el bloqueo y el reinicio de rpd, los protocolos de enrutamiento podrían verse afectados y podría observarse una interrupción del tráfico debido a una pérdida de información de enrutamiento. Este problema afecta: Juniper Networks Junos OS versiones 20.3 anteriores a 20.3R3-S1; 20.4 versiones anteriores a 20.4R3; 21.1 versiones anteriores a 21.1R3; 21.2 versiones anteriores a 21.2R2. Juniper Networks Junos OS Evolved 20.4 versiones anteriores a 20.4R3-EVO; 21.1 versiones anteriores a 21.1R3-EVO; 21.2 versiones anteriores a 21.2R2-EVO. Este problema no afecta a: Las versiones de Junos OS de Juniper Networks anteriores a 20.3R1. Juniper Networks Junos OS Evolved versiones anteriores a 20.3R1-EVO
CVSS Scores
SSVC
- Decision:-
Timeline
- 2021-12-21 CVE Reserved
- 2022-04-14 CVE Published
- 2023-11-05 EPSS Updated
- 2024-09-17 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-241: Improper Handling of Unexpected Data Type
CAPEC
References (1)
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.3 Search vendor "Juniper" for product "Junos" and version "20.3" | r1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.3 Search vendor "Juniper" for product "Junos" and version "20.3" | r1-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.3 Search vendor "Juniper" for product "Junos" and version "20.3" | r2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.3 Search vendor "Juniper" for product "Junos" and version "20.3" | r2-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.3 Search vendor "Juniper" for product "Junos" and version "20.3" | r3 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.4 Search vendor "Juniper" for product "Junos" and version "20.4" | r1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.4 Search vendor "Juniper" for product "Junos" and version "20.4" | r1-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.4 Search vendor "Juniper" for product "Junos" and version "20.4" | r2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 20.4 Search vendor "Juniper" for product "Junos" and version "20.4" | r2-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.1 Search vendor "Juniper" for product "Junos" and version "21.1" | r1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.1 Search vendor "Juniper" for product "Junos" and version "21.1" | r1-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.1 Search vendor "Juniper" for product "Junos" and version "21.1" | r2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.1 Search vendor "Juniper" for product "Junos" and version "21.1" | r2-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.1 Search vendor "Juniper" for product "Junos" and version "21.1" | r2-s2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.2 Search vendor "Juniper" for product "Junos" and version "21.2" | r1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.2 Search vendor "Juniper" for product "Junos" and version "21.2" | r1-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 21.2 Search vendor "Juniper" for product "Junos" and version "21.2" | r1-s2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 20.4 Search vendor "Juniper" for product "Junos Os Evolved" and version "20.4" | r1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 20.4 Search vendor "Juniper" for product "Junos Os Evolved" and version "20.4" | r1-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 20.4 Search vendor "Juniper" for product "Junos Os Evolved" and version "20.4" | r1-s2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 20.4 Search vendor "Juniper" for product "Junos Os Evolved" and version "20.4" | r2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 20.4 Search vendor "Juniper" for product "Junos Os Evolved" and version "20.4" | r2-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 20.4 Search vendor "Juniper" for product "Junos Os Evolved" and version "20.4" | r2-s2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 20.4 Search vendor "Juniper" for product "Junos Os Evolved" and version "20.4" | r2-s3 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 21.1 Search vendor "Juniper" for product "Junos Os Evolved" and version "21.1" | r1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 21.1 Search vendor "Juniper" for product "Junos Os Evolved" and version "21.1" | r1-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 21.1 Search vendor "Juniper" for product "Junos Os Evolved" and version "21.1" | r2 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 21.2 Search vendor "Juniper" for product "Junos Os Evolved" and version "21.2" | r1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 21.2 Search vendor "Juniper" for product "Junos Os Evolved" and version "21.2" | r1-s1 |
Affected
| ||||||
| Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 21.2 Search vendor "Juniper" for product "Junos Os Evolved" and version "21.2" | r1-s2 |
Affected
| ||||||