CVE-2022-22170

{"id": "CVE-2022-22170", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "sirt@juniper.net", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2022-01-19T01:15:09.080", "references": [{"url": "https://kb.juniper.net/JSA11277", "tags": ["Vendor Advisory"], "source": "sirt@juniper.net"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "sirt@juniper.net", "description": [{"lang": "en", "value": "CWE-772"}]}], "descriptions": [{"lang": "en", "value": "A Missing Release of Resource after Effective Lifetime vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause a Denial of Service (DoS) by sending specific packets over VXLAN which cause heap memory to leak and on exhaustion the PFE to reset. The heap memory utilization can be monitored with the command: user@host> show chassis fpc This issue affects: Juniper Networks Junos OS 19.4 versions prior to 19.4R2-S6, 19.4R3-S6; 20.1 versions prior to 20.1R3-S2; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R2. This issue does not affect versions of Junos OS prior to 19.4R1."}, {"lang": "es", "value": "Una vulnerabilidad de Falta de Liberaci\u00f3n de Recursos Despu\u00e9s del Tiempo de Vida Efectivo en el Motor de Reenv\u00edo de Paquetes (PFE) del Sistema Operativo Junos de Juniper Networks permite a un atacante no autenticado en red causar una denegaci\u00f3n de servicio (DoS) mediante el env\u00edo de paquetes espec\u00edficos a trav\u00e9s de VXLAN que causan una p\u00e9rdida de memoria de la pila y, al agotarse, el PFE es reiniciado. El uso de la memoria de la pila puede supervisarse con el comando: user@host) show chassis fpc Este problema afecta a: Juniper Networks Junos OS 19.4 versiones anteriores a 19.4R2-S6, 19.4R3-S6; 20.1 versiones anteriores a 20.1R3-S2; versiones 20.2 anteriores a 20.2R3-S3; versiones 20.3 anteriores a 20.3R3-S1; versiones 20.4 anteriores a 20.4R3; versiones 21.1 anteriores a 21.1R3; versiones 21.2 anteriores a 21.2R2. Este problema no afecta a Junos OS versiones anteriores a 19.4R1"}], "lastModified": "2022-01-26T18:17:33.447", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:19.4:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DC743EE4-8833-452A-94DB-655BF139F883"}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FE96A8EA-FFE3-4D8F-9266-21899149D634"}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C12A75C6-2D00-4202-B861-00FF71585FA0"}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r1-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "70FF3DD4-14CB-435D-8529-0480EB853F60"}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r1-s4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "84429093-AB3C-4C05-B8FA-87D94091820F"}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4DCFA774-96EF-4018-82CF-95C807025C24"}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "76022948-4B07-43CB-824C-44E1AB3537CB"}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "25446F60-5CB9-4923-BCE8-609AE3CFDFBC"}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r2-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A23E5CEA-EFF5-4641-BC47-BA2D0859F0EE"}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r2-s4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "760E2418-B945-4467-BDAC-7702DDF4C4EE"}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r2-s5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "98097AB6-56CB-42E4-96B4-ABBD4F36553C"}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "758275F3-9457-45A2-8F57-65DCD659FC1B"}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r3-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B46CB928-78B5-4D60-B747-9A0988C7060D"}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r3-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ED73BF1A-96E4-49F1-A6AA-7B29DAA6C112"}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r3-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0886EFA6-47E3-4C1D-A278-D3891A487FED"}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r3-s4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A209EE6F-E676-4172-8FF3-4E03748DEB13"}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r3-s5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EC395200-9A69-468A-8461-D2219B34AA0E"}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r3-s6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "08584FCD-4593-4590-A988-C862295E618A"}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8328FDE6-9707-4142-B905-3B07C0E28E35"}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "41CD982F-E6F2-4951-9F96-A76C142DF08E"}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "19FDC05F-5582-4F7E-B628-E58A3C0E7F2F"}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "401306D1-E9CE-49C6-8DC9-0E8747B9DC2C"}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "615EAF48-AD53-4CC2-B233-5EA5C0F72CB1"}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DC8E7547-6649-436D-BC45-184417680C72"}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D9789FF8-D55C-4AF9-A250-E543A0EB826F"}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5C238EB1-5A38-4877-8849-4A6D36918B3F"}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C21638A9-6AD8-4347-AA3F-64BC7BD71C0D"}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r3-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D621DB7F-BC6B-4A07-8803-596B3ED11CF2"}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r3-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A5620596-4DEE-41D7-A63F-224D814DAA77"}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CD07B7E2-F5C2-4610-9133-FDA9E66DFF4F"}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D3C23AEB-34DE-44FB-8D64-E69D6E8B7401"}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "18DB9401-5A51-4BB3-AC2F-58F58F1C788C"}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "06F53DA5-59AE-403C-9B1E-41CE267D8BB1"}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3332262F-81DA-4D78-99C9-514CADA46611"}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B46B63A2-1518-4A29-940C-F05624C9658D"}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8E0D4959-3865-42A7-98CD-1103EBD84528"}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r2-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3A58292B-814C-49E7-8D6D-BE26EFB9ADDF"}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "681AE183-7183-46E7-82EA-28C398FA1C3D"}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r3-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8A6E9627-8BF1-4BE8-844B-EE8F1C9478F0"}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r3-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0A80F23B-CD13-4745-BA92-67C23B297A18"}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5C9BC697-C7C9-447D-9EBD-E9711462583E"}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7B80433B-57B1-49EF-B1A1-83781D6102E3"}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "05D8427C-CDDE-4B2F-9CB8-41B9137660E4"}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F3DC01F2-6DFE-4A8E-9962-5E59AA965935"}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7DA0E196-925E-4056-B411-E158702D5D4F"}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:r3-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E33A522F-E35C-4473-9CBD-9C6E5A831086"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "20DDC6B7-BFC4-4F0B-8E68-442C23765BF2"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "037BA01C-3F5C-4503-A633-71765E9EF774"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C54B047C-4B38-40C0-9855-067DCF7E48BD"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "38984199-E332-4A9C-A4C0-78083D052E15"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AA6526FB-2941-4D18-9B2E-472AD5A62A53"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "09876787-A40A-4340-9C12-8628C325353B"}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "625BA7E6-D2AD-4A48-9B94-24328BE5B06A"}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F462F4E3-762C-429F-8D25-5521100DD37C"}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C0BC9DAC-D6B5-4C5E-8C73-6E550D9A30F5"}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "689FE1AE-7A85-4FB6-AB02-E732F23581B6"}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A52AF794-B36B-43A6-82E9-628658624B0A"}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3998DC76-F72F-4452-9150-652140B113EB"}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CC78A4CB-D617-43FC-BB51-287D2D0C44ED"}], "operator": "OR"}]}], "sourceIdentifier": "sirt@juniper.net"}