CVE-2022-22203

Junos OS: EX4600 Series and QFX5000 Series: Receipt of specific traffic will lead to an fxpc process crash followed by an FPC reboot

Severity Score

6.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

An Incorrect Comparison vulnerability in PFE of Juniper Networks Junos OS allows an adjacent unauthenticated attacker to cause a Denial of Service (DoS). On QFX5000 Series, and EX4600 and EX4650 platforms, the fxpc process will crash followed by the FPC reboot upon receipt of a specific hostbound packet. Continued receipt of these specific packets will create a sustained Denial of Service (DoS) condition. This issue only affects Juniper Networks Junos OS 19.4 version 19.4R3-S4.

Una vulnerabilidad de comparación incorrecta en PFE del Sistema Operativo Junos de Juniper Networks permite a un atacante adyacente no autenticado causar una Denegación de Servicio (DoS). En la serie QFX5000 y en las plataformas EX4600 y EX4650, el proceso fxpc será bloqueado seguido del reinicio de la FPC al recibir un paquete específico dirigido al host. La recepción continuada de estos paquetes específicos creará una condición de Denegación de Servicio (DoS) sostenida. Este problema sólo afecta a Juniper Networks Junos OS 19.4 versión 19.4R3-S4

*Credits: N/A

CVSS Scores

NISTv3.1 6.5

Attack Vector

Adjacent

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2021-12-21 CVE Reserved
2022-07-20 CVE Published
2024-02-08 EPSS Updated
2024-09-16 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-697: Incorrect Comparison

CAPEC

References (1)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://kb.juniper.net/JSA69707	2022-07-27

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Juniper Search vendor "Juniper"	Junos Search vendor "Juniper" for product "Junos"	19.4 Search vendor "Juniper" for product "Junos" and version "19.4"	r3-s4	Affected	in	Juniper Search vendor "Juniper"	Ex4600 Search vendor "Juniper" for product "Ex4600"	-	-	Safe
Juniper Search vendor "Juniper"	Junos Search vendor "Juniper" for product "Junos"	19.4 Search vendor "Juniper" for product "Junos" and version "19.4"	r3-s4	Affected	in	Juniper Search vendor "Juniper"	Ex4650 Search vendor "Juniper" for product "Ex4650"	-	-	Safe
Juniper Search vendor "Juniper"	Junos Search vendor "Juniper" for product "Junos"	19.4 Search vendor "Juniper" for product "Junos" and version "19.4"	r3-s4	Affected	in	Juniper Search vendor "Juniper"	Qfx5100 Search vendor "Juniper" for product "Qfx5100"	-	-	Safe
Juniper Search vendor "Juniper"	Junos Search vendor "Juniper" for product "Junos"	19.4 Search vendor "Juniper" for product "Junos" and version "19.4"	r3-s4	Affected	in	Juniper Search vendor "Juniper"	Qfx5110 Search vendor "Juniper" for product "Qfx5110"	-	-	Safe
Juniper Search vendor "Juniper"	Junos Search vendor "Juniper" for product "Junos"	19.4 Search vendor "Juniper" for product "Junos" and version "19.4"	r3-s4	Affected	in	Juniper Search vendor "Juniper"	Qfx5120 Search vendor "Juniper" for product "Qfx5120"	-	-	Safe
Juniper Search vendor "Juniper"	Junos Search vendor "Juniper" for product "Junos"	19.4 Search vendor "Juniper" for product "Junos" and version "19.4"	r3-s4	Affected	in	Juniper Search vendor "Juniper"	Qfx5130 Search vendor "Juniper" for product "Qfx5130"	-	-	Safe
Juniper Search vendor "Juniper"	Junos Search vendor "Juniper" for product "Junos"	19.4 Search vendor "Juniper" for product "Junos" and version "19.4"	r3-s4	Affected	in	Juniper Search vendor "Juniper"	Qfx5200 Search vendor "Juniper" for product "Qfx5200"	-	-	Safe
Juniper Search vendor "Juniper"	Junos Search vendor "Juniper" for product "Junos"	19.4 Search vendor "Juniper" for product "Junos" and version "19.4"	r3-s4	Affected	in	Juniper Search vendor "Juniper"	Qfx5210 Search vendor "Juniper" for product "Qfx5210"	-	-	Safe
Juniper Search vendor "Juniper"	Junos Search vendor "Juniper" for product "Junos"	19.4 Search vendor "Juniper" for product "Junos" and version "19.4"	r3-s4	Affected	in	Juniper Search vendor "Juniper"	Qfx5220 Search vendor "Juniper" for product "Qfx5220"	-	-	Safe
Juniper Search vendor "Juniper"	Junos Search vendor "Juniper" for product "Junos"	19.4 Search vendor "Juniper" for product "Junos" and version "19.4"	r3-s4	Affected	in	Juniper Search vendor "Juniper"	Qfx5700 Search vendor "Juniper" for product "Qfx5700"	-	-	Safe