CVE-2022-22188

An Uncontrolled Memory Allocation vulnerability leading to a Heap-based Buffer Overflow in the packet forwarding engine (PFE) of Juniper Networks Junos OS allows a network-based unauthenticated attacker to flood the device with traffic leading to a Denial of Service (DoS). The device must be configured with storm control profiling limiting the number of unknown broadcast, multicast, or unicast traffic to be vulnerable to this issue. This issue affects: Juniper Networks Junos OS on QFX5100/QFX5110/QFX5120/QFX5200/QFX5210/EX4600/EX4650 Series; 20.2 version 20.2R1 and later versions prior to 20.2R2. This issue does not affect: Juniper Networks Junos OS versions prior to 20.2R1.

CVSS v3 7.5 HIGH
CVSS v2.0 4.3 MEDIUM

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

4.3^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:N/I:N/A:P

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
https://kb.juniper.net/JSA69497	Exploit Vendor Advisory

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:o:juniper:junos:20.2:r1::::::
	cpe:2.3:o:juniper:junos:20.2:r1-s1::::::
	cpe:2.3:o:juniper:junos:20.2:r1-s2::::::
	cpe:2.3:o:juniper:junos:20.2:r1-s3::::::

OR	cpe:2.3:h:juniper:ex4600:-:::::::*
	cpe:2.3:h:juniper:ex4650:-:::::::*
	cpe:2.3:h:juniper:qfx5100:-:::::::*
	cpe:2.3:h:juniper:qfx5110:-:::::::*
	cpe:2.3:h:juniper:qfx5120:-:::::::*
	cpe:2.3:h:juniper:qfx5200:-:::::::*
	cpe:2.3:h:juniper:qfx5210:-:::::::*

History

21 Apr 2022, 09:44

Type	Values Removed	Values Added
References	~~(CONFIRM) https://kb.juniper.net/JSA69497 -~~	(CONFIRM) https://kb.juniper.net/JSA69497 - Exploit, Vendor Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : 4.3 v3 : 7.5
First Time		Juniper Juniper qfx5110 Juniper junos Juniper qfx5210 Juniper qfx5100 Juniper ex4600 Juniper qfx5200 Juniper qfx5120 Juniper ex4650
CPE		cpe:2.3:o:juniper:junos:20.2:r1-s1:::::: cpe:2.3:h:juniper:ex4600:-:::::::* cpe:2.3:h:juniper:qfx5120:-:::::::* cpe:2.3:h:juniper:qfx5100:-:::::::* cpe:2.3:o:juniper:junos:20.2:r1-s2:::::: cpe:2.3:h:juniper:qfx5110:-:::::::* cpe:2.3:o:juniper:junos:20.2:r1:::::: cpe:2.3:o:juniper:junos:20.2:r1-s3:::::: cpe:2.3:h:juniper:qfx5200:-:::::::* cpe:2.3:h:juniper:qfx5210:-:::::::* cpe:2.3:h:juniper:ex4650:-:::::::*

14 Apr 2022, 16:38

Type	Values Removed	Values Added
New CVE

Information

Published : 2022-04-14 16:15

Updated : 2023-12-10 14:22

NVD link : CVE-2022-22188

Mitre link : CVE-2022-22188

CVE.ORG link : CVE-2022-22188

JSON object : View

Products Affected

juniper

qfx5200
junos
qfx5120
ex4650
qfx5110
qfx5100
qfx5210
ex4600

CWE

CWE-122

Heap-based Buffer Overflow

CWE-789

Memory Allocation with Excessive Size Value

7.5 /10

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

4.3 /10

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

JSON object

Attach tags to CVE-2022-22188

7.5^/10

4.3^/10

Attach tags to `CVE-2022-22188`