CVE-2022-22171Improper Check for Unusual or Exceptional Conditions in Networks Junos OS

CWE-754Improper Check for Unusual or Exceptional Conditions4 documents4 sources
Severity
7.5HIGHNVD
EPSS
0.4%
top 39.92%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Juniper Networks Junos OSJuniper Junos
Timeline
PublishedJan 19
Latest updateJan 20

Description

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause a Denial of Service (DoS) by sending specific packets over VXLAN which cause the PFE to reset. This issue affects: Juniper Networks Junos OS 19.4 versions prior to 19.4R3-S7; 20.1 versions prior to 20.1R3-S3; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S2; 20.4 versions prior to 20.4R3-S1

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

CVEListV5juniper_networks/junos_os19.419.4R3-S7+7
NVDjuniper/junos8 versions+7

🔴Vulnerability Details

2
GHSA
GHSA-3vqf-rm2x-wv2w: An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an una2022-01-20
CVEList
Junos OS: Specific packets over VXLAN cause FPC reset2022-01-19

📋Vendor Advisories

1
Juniper
CVE-2022-22171: An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an una2022-01-19
CVE-2022-22171 — Networks Junos OS vulnerability | cvebase