CVE-2022-22159

A vulnerability in the NETISR network queue functionality of Juniper Networks Junos OS kernel allows an attacker to cause a Denial of Service (DoS) by sending crafted genuine packets to a device. During an attack, the routing protocol daemon (rpd) CPU may reach 100% utilization, yet FPC CPUs forwarding traffic will operate normally. This attack occurs when the attackers' packets are sent over an IPv4 unicast routing equal-cost multi-path (ECMP) unilist selection. Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. An indicator of compromise may be to monitor NETISR drops in the network with the assistance of JTAC. Please contact JTAC for technical support for further guidance. This issue affects: Juniper Networks Junos OS 17.3 version 17.3R3-S9 and later versions prior to 17.3R3-S12; 17.4 version 17.4R3-S3 and later versions prior to 17.4R3-S5; 18.1 version 18.1R3-S11 and later versions prior to 18.1R3-S13; 18.2 version 18.2R3-S6 and later versions; 18.3 version 18.3R3-S4 and later versions prior to 18.3R3-S5; 18.4 version 18.4R3-S5 and later versions prior to 18.4R3-S9; 19.1 version 19.1R3-S3 and later versions prior to 19.1R3-S7. This issue does not affect Juniper Networks Junos OS versions prior to 17.3R3-S9. This issue does not affect Juniper Networks Junos OS Evolved.

CVSS v3 7.5 HIGH
CVSS v2.0 5.0 MEDIUM

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

5.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
https://kb.juniper.net/JSA11267	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:juniper:junos:17.3:r3-s10::::::
	cpe:2.3:o:juniper:junos:17.3:r3-s11::::::
	cpe:2.3:o:juniper:junos:17.3:r3-s9::::::
	cpe:2.3:o:juniper:junos:17.4:r3-s3::::::
	cpe:2.3:o:juniper:junos:17.4:r3-s4::::::
	cpe:2.3:o:juniper:junos:18.1:r3-s11::::::
	cpe:2.3:o:juniper:junos:18.1:r3-s12::::::
	cpe:2.3:o:juniper:junos:18.2:r3-s6::::::
	cpe:2.3:o:juniper:junos:18.2:r3-s7::::::
	cpe:2.3:o:juniper:junos:18.2:r3-s8::::::
	cpe:2.3:o:juniper:junos:18.3:r3-s4::::::
	cpe:2.3:o:juniper:junos:18.4:r3-s5::::::
	cpe:2.3:o:juniper:junos:18.4:r3-s6::::::
	cpe:2.3:o:juniper:junos:18.4:r3-s7::::::
	cpe:2.3:o:juniper:junos:18.4:r3-s8::::::
	cpe:2.3:o:juniper:junos:19.1:r3-s3::::::
	cpe:2.3:o:juniper:junos:19.1:r3-s4::::::
	cpe:2.3:o:juniper:junos:19.1:r3-s5::::::
	cpe:2.3:o:juniper:junos:19.1:r3-s6::::::

History

08 Aug 2023, 14:22

Type	Values Removed	Values Added
CWE	~~CWE-400~~	NVD-CWE-noinfo

31 Jan 2022, 18:17

Type	Values Removed	Values Added
CWE		CWE-400
First Time		Juniper Juniper junos
References	~~(CONFIRM) https://kb.juniper.net/JSA11267 -~~	(CONFIRM) https://kb.juniper.net/JSA11267 - Vendor Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : 5.0 v3 : 7.5
CPE		cpe:2.3:o:juniper:junos:17.3:r3-s11:::::: cpe:2.3:o:juniper:junos:19.1:r3-s5:::::: cpe:2.3:o:juniper:junos:18.2:r3-s7:::::: cpe:2.3:o:juniper:junos:18.1:r3-s12:::::: cpe:2.3:o:juniper:junos:19.1:r3-s6:::::: cpe:2.3:o:juniper:junos:18.3:r3-s4:::::: cpe:2.3:o:juniper:junos:19.1:r3-s4:::::: cpe:2.3:o:juniper:junos:17.3:r3-s10:::::: cpe:2.3:o:juniper:junos:18.1:r3-s11:::::: cpe:2.3:o:juniper:junos:18.2:r3-s8:::::: cpe:2.3:o:juniper:junos:19.1:r3-s3:::::: cpe:2.3:o:juniper:junos:17.4:r3-s3:::::: cpe:2.3:o:juniper:junos:18.4:r3-s5:::::: cpe:2.3:o:juniper:junos:17.4:r3-s4:::::: cpe:2.3:o:juniper:junos:18.4:r3-s8:::::: cpe:2.3:o:juniper:junos:18.2:r3-s6:::::: cpe:2.3:o:juniper:junos:18.4:r3-s6:::::: cpe:2.3:o:juniper:junos:18.4:r3-s7:::::: cpe:2.3:o:juniper:junos:17.3:r3-s9::::::

19 Jan 2022, 01:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2022-01-19 01:15

Updated : 2023-12-10 14:09

NVD link : CVE-2022-22159

Mitre link : CVE-2022-22159

CVE.ORG link : CVE-2022-22159

JSON object : View

Products Affected

juniper

junos

CWE

NVD-CWE-noinfo

7.5 /10

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

5.0 /10

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

JSON object

Attach tags to CVE-2022-22159

7.5^/10

5.0^/10

Attach tags to `CVE-2022-22159`