CVE-2022-22207

{"id": "CVE-2022-22207", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "sirt@juniper.net", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2022-07-20T15:15:08.580", "references": [{"url": "https://kb.juniper.net/JSA69711", "tags": ["Vendor Advisory"], "source": "sirt@juniper.net"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "sirt@juniper.net", "description": [{"lang": "en", "value": "CWE-416"}]}], "descriptions": [{"lang": "en", "value": "A Use After Free vulnerability in the Advanced Forwarding Toolkit (AFT) manager process (aftmand) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause a kernel crash due to intensive polling of Abstracted Fabric (AF) interface statistics and thereby a Denial of Service (DoS). Continued gathering of AF interface statistics will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS on MX Series: 20.1 versions later than 20.1R1; 20.2 versions prior to 20.2R3-S5; 20.3 versions prior to 20.3R3-S4; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2; 21.2 versions prior to 21.2R2."}, {"lang": "es", "value": "Una vulnerabilidad de Uso de Memoria Previamente Liberada en el proceso de administraci\u00f3n de Advanced Forwarding Toolkit (AFT) (aftmand) de Juniper Networks Junos OS permite a un atacante no autenticado en red causar un bloqueo del kernel debido al sondeo intensivo de las estad\u00edsticas de la interfaz de Abstracted Fabric (AF) y, por tanto, una Denegaci\u00f3n de Servicio (DoS). La recopilaci\u00f3n continuada de estad\u00edsticas de la interfaz AF crear\u00e1 una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS) sostenida. Este problema afecta a Juniper Networks Junos OS en la serie MX: versiones 20.1 posteriores a 20.1R1; versiones 20.2 anteriores a 20.2R3-S5; versiones 20.3 anteriores a 20.3R3-S4; versiones 20.4 anteriores a 20.4R3; versiones 21.1 anteriores a 21.1R2; versiones 21.2 anteriores a 21.2R2"}], "lastModified": "2022-07-29T13:43:44.987", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "41CD982F-E6F2-4951-9F96-A76C142DF08E"}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "19FDC05F-5582-4F7E-B628-E58A3C0E7F2F"}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "401306D1-E9CE-49C6-8DC9-0E8747B9DC2C"}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "615EAF48-AD53-4CC2-B233-5EA5C0F72CB1"}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DC8E7547-6649-436D-BC45-184417680C72"}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D9789FF8-D55C-4AF9-A250-E543A0EB826F"}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5C238EB1-5A38-4877-8849-4A6D36918B3F"}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C21638A9-6AD8-4347-AA3F-64BC7BD71C0D"}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r3-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D621DB7F-BC6B-4A07-8803-596B3ED11CF2"}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r3-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A5620596-4DEE-41D7-A63F-224D814DAA77"}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r3-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A8BBCEC0-5915-4F69-90FD-070A94145BB9"}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D4CF52CF-F911-4615-9171-42F84429149F"}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CD07B7E2-F5C2-4610-9133-FDA9E66DFF4F"}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D3C23AEB-34DE-44FB-8D64-E69D6E8B7401"}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "18DB9401-5A51-4BB3-AC2F-58F58F1C788C"}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "06F53DA5-59AE-403C-9B1E-41CE267D8BB1"}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3332262F-81DA-4D78-99C9-514CADA46611"}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B46B63A2-1518-4A29-940C-F05624C9658D"}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8E0D4959-3865-42A7-98CD-1103EBD84528"}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r2-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3A58292B-814C-49E7-8D6D-BE26EFB9ADDF"}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "681AE183-7183-46E7-82EA-28C398FA1C3D"}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r3-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8A6E9627-8BF1-4BE8-844B-EE8F1C9478F0"}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r3-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0A80F23B-CD13-4745-BA92-67C23B297A18"}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r3-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "67D4004B-1233-4258-9C7A-F05189146B44"}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r3-s4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "69E33F24-D480-4B5F-956D-D435A551CBE7"}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "03009CC1-21AC-4A46-A747-D0C67FCD41DA"}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5C9BC697-C7C9-447D-9EBD-E9711462583E"}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7B80433B-57B1-49EF-B1A1-83781D6102E3"}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A352BB7A-6F17-4E64-BC02-1A7E4CD42653"}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "05D8427C-CDDE-4B2F-9CB8-41B9137660E4"}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F3DC01F2-6DFE-4A8E-9962-5E59AA965935"}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7DA0E196-925E-4056-B411-E158702D5D4F"}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:r3-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E33A522F-E35C-4473-9CBD-9C6E5A831086"}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:r3-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E9AE26EB-699B-4B10-87E2-9E731B820F32"}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:r3-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A29E0070-47E9-43DD-9303-C732FE8CC851"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3D361B23-A3C2-444B-BEB8-E231DA950567"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "20DDC6B7-BFC4-4F0B-8E68-442C23765BF2"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "037BA01C-3F5C-4503-A633-71765E9EF774"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C54B047C-4B38-40C0-9855-067DCF7E48BD"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "38984199-E332-4A9C-A4C0-78083D052E15"}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AA6526FB-2941-4D18-9B2E-472AD5A62A53"}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6FDB5B7D-FB37-47E3-8678-B9ED578CCA5F"}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "625BA7E6-D2AD-4A48-9B94-24328BE5B06A"}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F462F4E3-762C-429F-8D25-5521100DD37C"}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "216E7DDE-453D-481F-92E2-9F8466CDDA3F"}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A52AF794-B36B-43A6-82E9-628658624B0A"}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3998DC76-F72F-4452-9150-652140B113EB"}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "36ED4552-2420-45F9-B6E4-6DA2B2B12870"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:juniper:mx10:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "52699E2B-450A-431C-81E3-DC4483C8B4F2"}, {"criteria": "cpe:2.3:h:juniper:mx10000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D97AF6F8-3D50-4D35-BCB1-54E3BEC69B9F"}, {"criteria": "cpe:2.3:h:juniper:mx10003:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D5627740-42E3-4FB1-B8B9-0B768AFFA1EC"}, {"criteria": "cpe:2.3:h:juniper:mx10008:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D6F0EA2F-BF7E-45D0-B2B4-8A7B67A9475A"}, {"criteria": "cpe:2.3:h:juniper:mx10016:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C39DA74D-F5C7-4C11-857D-50631A110644"}, {"criteria": "cpe:2.3:h:juniper:mx104:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F72C850A-0530-4DB7-A553-7E19F82122B5"}, {"criteria": "cpe:2.3:h:juniper:mx150:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7FE2089C-F341-4DC1-B76D-633BC699306D"}, {"criteria": "cpe:2.3:h:juniper:mx2008:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2FEF33EB-B2E0-42EF-A1BB-D41021B6D08F"}, {"criteria": "cpe:2.3:h:juniper:mx2010:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "27175D9A-CA2C-4218-8042-835E25DFCA43"}, {"criteria": "cpe:2.3:h:juniper:mx2020:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "00C7FC57-8ACF-45AA-A227-7E3B350FD24F"}, {"criteria": "cpe:2.3:h:juniper:mx204:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2754C2DF-DF6E-4109-9463-38B4E0465B77"}, {"criteria": "cpe:2.3:h:juniper:mx240:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F4A26704-A6A4-4C4F-9E12-A0A0259491EF"}, {"criteria": "cpe:2.3:h:juniper:mx40:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C982A2FF-A1F9-4830-BAB6-77CFCE1F093F"}, {"criteria": "cpe:2.3:h:juniper:mx480:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "104858BD-D31D-40E0-8524-2EC311F10EAC"}, {"criteria": "cpe:2.3:h:juniper:mx5:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3B557965-0040-4048-B56C-F564FF28635B"}, {"criteria": "cpe:2.3:h:juniper:mx80:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EB875EBD-A3CD-4466-B2A3-39D47FF94592"}, {"criteria": "cpe:2.3:h:juniper:mx960:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B5E08E1E-0FE4-4294-9497-BBFFECA2A220"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "sirt@juniper.net"}