CVE-2022-22247
Junos OS Evolved: Kernel processing of unvalidated TCP segments could lead to a Denial of Service (DoS)
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
An Improper Input Validation vulnerability in ingress TCP segment processing of Juniper Networks Junos OS Evolved allows a network-based unauthenticated attacker to send a crafted TCP segment to the device, triggering a kernel panic, leading to a Denial of Service (DoS) condition. Continued receipt and processing of this TCP segment could create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS Evolved: 21.3 versions prior to 21.3R3-EVO; 21.4 versions prior to 21.4R2-EVO; 22.1 versions prior to 22.1R2-EVO. This issue does not affect Juniper Networks Junos OS Evolved versions prior to 21.3R1-EVO.
Una vulnerabilidad de Comprobación de Entrada Inapropiada en el procesamiento de segmentos TCP de entrada de Juniper Networks Junos OS Evolved permite a un atacante no autenticado basado en la red enviar un segmento TCP diseñado al dispositivo, desencadenando un pánico del núcleo, conllevando a una condición de Denegación de Servicio (DoS). La recepción y el procesamiento continuados de este segmento TCP podrían crear una condición de Denegación de Servicio (DoS) sostenida. Este problema afecta a Juniper Networks Junos OS Evolved: versiones 21.3 anteriores a 21.3R3-EVO; versiones 21.4 anteriores a 21.4R2-EVO; versiones 22.1 anteriores a 22.1R2-EVO. Este problema no afecta a las versiones de Junos OS Evolved de Juniper Networks anteriores a 21.3R1-EVO
CVSS Scores
SSVC
- Decision:-
Timeline
- 2021-12-21 CVE Reserved
- 2022-10-18 CVE Published
- 2024-03-24 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (1)
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 21.3 Search vendor "Juniper" for product "Junos Os Evolved" and version "21.3" | - |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 21.3 Search vendor "Juniper" for product "Junos Os Evolved" and version "21.3" | r1 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 21.3 Search vendor "Juniper" for product "Junos Os Evolved" and version "21.3" | r1-s1 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 21.3 Search vendor "Juniper" for product "Junos Os Evolved" and version "21.3" | r2 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 21.4 Search vendor "Juniper" for product "Junos Os Evolved" and version "21.4" | - |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 21.4 Search vendor "Juniper" for product "Junos Os Evolved" and version "21.4" | r1 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 21.4 Search vendor "Juniper" for product "Junos Os Evolved" and version "21.4" | r1-s1 |
Affected
| ||||||
Juniper Search vendor "Juniper" | Junos Os Evolved Search vendor "Juniper" for product "Junos Os Evolved" | 22.1 Search vendor "Juniper" for product "Junos Os Evolved" and version "22.1" | r1 |
Affected
|