CVE-2022-22178

{"id": "CVE-2022-22178", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "sirt@juniper.net", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2022-01-19T01:15:09.577", "references": [{"url": "https://kb.juniper.net/JSA11284", "tags": ["Vendor Advisory"], "source": "sirt@juniper.net"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "sirt@juniper.net", "description": [{"lang": "en", "value": "CWE-121"}]}], "descriptions": [{"lang": "en", "value": "A Stack-based Buffer Overflow vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on MX Series and SRX series allows an unauthenticated networked attacker to cause a flowd crash and thereby a Denial of Service (DoS). Continued receipt of these specific packets will cause a sustained Denial of Service condition. This issue can be triggered by a specific Session Initiation Protocol (SIP) invite packet if the SIP ALG is enabled. Due to this, the PIC will be rebooted and all traffic that traverses the PIC will be dropped. This issue affects: Juniper Networks Junos OS 20.4 versions prior to 20.4R3-S2; 21.1 versions prior to 21.1R2-S1, 21.1R3; 21.2 versions prior to 21.2R2; 21.3 versions prior to 21.3R2. This issue does not affect Juniper Networks Junos OS versions prior to 20.4R1."}, {"lang": "es", "value": "Una vulnerabilidad de desbordamiento del b\u00fafer en la regi\u00f3n Stack de la memoria en el demonio de procesamiento de flujos (flowd) del Sistema Operativo Junos de Juniper Networks en las series MX y SRX permite a un atacante no autenticado conectado a la red causar un bloqueo de flowd y, por tanto, una denegaci\u00f3n de servicio (DoS). La recepci\u00f3n continuada de estos paquetes espec\u00edficos causar\u00e1 una condici\u00f3n de denegaci\u00f3n de servicio sostenida. Este problema puede ser desencadenado por un paquete espec\u00edfico de Invitaci\u00f3n del Protocolo de Iniciaci\u00f3n de Sesi\u00f3n (SIP) si el SIP ALG est\u00e1 habilitado. Debido a esto, el PIC ser\u00eda reiniciado y todo el tr\u00e1fico que atraviesa el PIC se caer\u00e1. Este problema afecta: Juniper Networks Junos OS versiones 20.4 anteriores a 20.4R3-S2; versiones 21.1 anteriores a 21.1R2-S1, 21.1R3; versiones 21.2 anteriores a 21.2R2; 21.3 versiones anteriores a 21.3R2. Este problema no afecta a versiones del Sistema Operativo Junos de Juniper Networks anteriores a 20.4R1"}], "lastModified": "2022-01-26T19:29:51.343", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "20DDC6B7-BFC4-4F0B-8E68-442C23765BF2"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "037BA01C-3F5C-4503-A633-71765E9EF774"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C54B047C-4B38-40C0-9855-067DCF7E48BD"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "38984199-E332-4A9C-A4C0-78083D052E15"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AA6526FB-2941-4D18-9B2E-472AD5A62A53"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "09876787-A40A-4340-9C12-8628C325353B"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "41615104-C17E-44DA-AB0D-6E2053BD4EF4"}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "625BA7E6-D2AD-4A48-9B94-24328BE5B06A"}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F462F4E3-762C-429F-8D25-5521100DD37C"}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C0BC9DAC-D6B5-4C5E-8C73-6E550D9A30F5"}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A52AF794-B36B-43A6-82E9-628658624B0A"}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3998DC76-F72F-4452-9150-652140B113EB"}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CC78A4CB-D617-43FC-BB51-287D2D0C44ED"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:juniper:mx10:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "52699E2B-450A-431C-81E3-DC4483C8B4F2"}, {"criteria": "cpe:2.3:h:juniper:mx10000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D97AF6F8-3D50-4D35-BCB1-54E3BEC69B9F"}, {"criteria": "cpe:2.3:h:juniper:mx10003:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D5627740-42E3-4FB1-B8B9-0B768AFFA1EC"}, {"criteria": "cpe:2.3:h:juniper:mx10008:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D6F0EA2F-BF7E-45D0-B2B4-8A7B67A9475A"}, {"criteria": "cpe:2.3:h:juniper:mx10016:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C39DA74D-F5C7-4C11-857D-50631A110644"}, {"criteria": "cpe:2.3:h:juniper:mx104:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F72C850A-0530-4DB7-A553-7E19F82122B5"}, {"criteria": "cpe:2.3:h:juniper:mx150:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7FE2089C-F341-4DC1-B76D-633BC699306D"}, {"criteria": "cpe:2.3:h:juniper:mx2008:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2FEF33EB-B2E0-42EF-A1BB-D41021B6D08F"}, {"criteria": "cpe:2.3:h:juniper:mx2010:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "27175D9A-CA2C-4218-8042-835E25DFCA43"}, {"criteria": "cpe:2.3:h:juniper:mx2020:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "00C7FC57-8ACF-45AA-A227-7E3B350FD24F"}, {"criteria": "cpe:2.3:h:juniper:mx204:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2754C2DF-DF6E-4109-9463-38B4E0465B77"}, {"criteria": "cpe:2.3:h:juniper:mx240:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F4A26704-A6A4-4C4F-9E12-A0A0259491EF"}, {"criteria": "cpe:2.3:h:juniper:mx40:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C982A2FF-A1F9-4830-BAB6-77CFCE1F093F"}, {"criteria": "cpe:2.3:h:juniper:mx480:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "104858BD-D31D-40E0-8524-2EC311F10EAC"}, {"criteria": "cpe:2.3:h:juniper:mx5:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3B557965-0040-4048-B56C-F564FF28635B"}, {"criteria": "cpe:2.3:h:juniper:mx80:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EB875EBD-A3CD-4466-B2A3-39D47FF94592"}, {"criteria": "cpe:2.3:h:juniper:mx960:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B5E08E1E-0FE4-4294-9497-BBFFECA2A220"}, {"criteria": "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "561C1113-3D59-4DD9-ADA7-3C9ECC4632EC"}, {"criteria": "cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "78C6D8A0-92D3-4FD3-BCC1-CC7C87B76317"}, {"criteria": "cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "927EAB8B-EC3B-4B12-85B9-5517EBA49A30"}, {"criteria": "cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2CEBF85C-736A-4E7D-956A-3E8210D4F70B"}, {"criteria": "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CD647C15-A686-4C8F-A766-BC29404C0FED"}, {"criteria": "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "45AB1622-1AED-4CD7-98F1-67779CDFC321"}, {"criteria": "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "89276D88-3B8D-4168-A2CD-0920297485F2"}, {"criteria": "cpe:2.3:h:juniper:srx240h2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E020556B-693F-4963-BA43-3164AB50FA49"}, {"criteria": "cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "BB5AB24B-2B43-43DD-AE10-F758B4B19F2A"}, {"criteria": "cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "80F9DC32-5ADF-4430-B1A6-357D0B29DB78"}, {"criteria": "cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8B82D4C4-7A65-409A-926F-33C054DCBFBA"}, {"criteria": "cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "746C3882-2A5B-4215-B259-EB1FD60C513D"}, {"criteria": "cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CE535749-F4CE-4FFA-B23D-BF09C92481E5"}, {"criteria": "cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DDE64EC0-7E42-43AF-A8FA-1A233BD3E3BC"}, {"criteria": "cpe:2.3:h:juniper:srx380:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2305DA9D-E6BA-48F4-80CF-9E2DE7661B2F"}, {"criteria": "cpe:2.3:h:juniper:srx4000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "06A03463-6B1D-4DBA-9E89-CAD5E899B98B"}, {"criteria": "cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3AA8999C-8AE4-416F-BA2A-B1A21F33B4D7"}, {"criteria": "cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CCC5F6F5-4347-49D3-909A-27A3A96D36C9"}, {"criteria": "cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "56BA6B86-D3F4-4496-AE46-AC513C6560FA"}, {"criteria": "cpe:2.3:h:juniper:srx5000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5ABA347C-3EF3-4F75-B4D1-54590A57C2BC"}, {"criteria": "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2FDDC897-747F-44DD-9599-7266F9B5B7B1"}, {"criteria": "cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "62FC145A-D477-4C86-89E7-F70F52773801"}, {"criteria": "cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "06685D0E-A075-49A5-9EF4-34F0F795C8C6"}, {"criteria": "cpe:2.3:h:juniper:srx550m:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "52F0B735-8C49-4B08-950A-296C9CDE43CA"}, {"criteria": "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "68CA098D-CBE4-4E62-9EC0-43E1B6098710"}, {"criteria": "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "66F474D4-79B6-4525-983C-9A9011BD958B"}, {"criteria": "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8AA424D4-4DBF-4E8C-96B8-E37741B5403E"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "sirt@juniper.net"}