CVE-2022-22203

An Incorrect Comparison vulnerability in PFE of Juniper Networks Junos OS allows an adjacent unauthenticated attacker to cause a Denial of Service (DoS). On QFX5000 Series, and EX4600 and EX4650 platforms, the fxpc process will crash followed by the FPC reboot upon receipt of a specific hostbound packet. Continued receipt of these specific packets will create a sustained Denial of Service (DoS) condition. This issue only affects Juniper Networks Junos OS 19.4 version 19.4R3-S4.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://kb.juniper.net/JSA69707	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:juniper:junos:19.4:r3-s4:*:*:*:*:*:*

OR	cpe:2.3:h:juniper:ex4600:-:::::::*
	cpe:2.3:h:juniper:ex4650:-:::::::*
	cpe:2.3:h:juniper:qfx5100:-:::::::*
	cpe:2.3:h:juniper:qfx5110:-:::::::*
	cpe:2.3:h:juniper:qfx5120:-:::::::*
	cpe:2.3:h:juniper:qfx5130:-:::::::*
	cpe:2.3:h:juniper:qfx5200:-:::::::*
	cpe:2.3:h:juniper:qfx5210:-:::::::*
	cpe:2.3:h:juniper:qfx5220:-:::::::*
	cpe:2.3:h:juniper:qfx5700:-:::::::*

History

No history.

Information

Published : 2022-07-20 15:15

Updated : 2024-02-28 19:29

NVD link : CVE-2022-22203

Mitre link : CVE-2022-22203

CVE.ORG link : CVE-2022-22203

JSON object : View

Products Affected

juniper

qfx5210
qfx5120
qfx5220
qfx5700
ex4650
qfx5130
qfx5200
ex4600
junos
qfx5110
qfx5100

CWE

CWE-697

Incorrect Comparison

{"id": "CVE-2022-22203", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "sirt@juniper.net", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2022-07-20T15:15:08.333", "references": [{"url": "https://kb.juniper.net/JSA69707", "tags": ["Vendor Advisory"], "source": "sirt@juniper.net"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "sirt@juniper.net", "description": [{"lang": "en", "value": "CWE-697"}]}], "descriptions": [{"lang": "en", "value": "An Incorrect Comparison vulnerability in PFE of Juniper Networks Junos OS allows an adjacent unauthenticated attacker to cause a Denial of Service (DoS). On QFX5000 Series, and EX4600 and EX4650 platforms, the fxpc process will crash followed by the FPC reboot upon receipt of a specific hostbound packet. Continued receipt of these specific packets will create a sustained Denial of Service (DoS) condition. This issue only affects Juniper Networks Junos OS 19.4 version 19.4R3-S4."}, {"lang": "es", "value": "Una vulnerabilidad de comparaci\u00f3n incorrecta en PFE del Sistema Operativo Junos de Juniper Networks permite a un atacante adyacente no autenticado causar una Denegaci\u00f3n de Servicio (DoS). En la serie QFX5000 y en las plataformas EX4600 y EX4650, el proceso fxpc ser\u00e1 bloqueado seguido del reinicio de la FPC al recibir un paquete espec\u00edfico dirigido al host. La recepci\u00f3n continuada de estos paquetes espec\u00edficos crear\u00e1 una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS) sostenida. Este problema s\u00f3lo afecta a Juniper Networks Junos OS 19.4 versi\u00f3n 19.4R3-S4"}], "lastModified": "2022-07-27T19:07:14.133", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:19.4:r3-s4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A209EE6F-E676-4172-8FF3-4E03748DEB13"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:juniper:ex4600:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D1BB20B5-EA30-4E8E-9055-2E629648436A"}, {"criteria": "cpe:2.3:h:juniper:ex4650:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "2B425BB1-3C78-42B1-A6C1-216E514191F0"}, {"criteria": "cpe:2.3:h:juniper:qfx5100:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E974B4BC-64C5-4BB6-AF31-D46AF3763416"}, {"criteria": "cpe:2.3:h:juniper:qfx5110:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "79A8847B-4F98-4949-8639-5CD2B411D10F"}, {"criteria": "cpe:2.3:h:juniper:qfx5120:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "09EBDE4B-764F-4DF1-844A-BB8A52CD53EF"}, {"criteria": "cpe:2.3:h:juniper:qfx5130:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "AB58A6E9-FFCF-4331-AC3B-45C37BD1943E"}, {"criteria": "cpe:2.3:h:juniper:qfx5200:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EDC5478F-A047-4F6D-BB11-0077A74C0174"}, {"criteria": "cpe:2.3:h:juniper:qfx5210:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D877320D-1997-4B66-B11B-864020C755E1"}, {"criteria": "cpe:2.3:h:juniper:qfx5220:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D193BEBD-9436-468D-B89E-D5720603451D"}, {"criteria": "cpe:2.3:h:juniper:qfx5700:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C7D6C74F-E85F-4D62-BDAF-FE619B467C76"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "sirt@juniper.net"}