CVE-2022-22177Improper Handling of Exceptional Conditions in Networks Junos OS

CWE-755Improper Handling of Exceptional Conditions4 documents4 sources
Severity
7.5HIGHNVD
CNA5.3
EPSS
0.2%
top 52.52%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Juniper Networks Junos OSJuniper Networks Junos OS EvolvedJuniper Junos+1 more
Timeline
PublishedJan 19
Latest updateJan 20

Description

A release of illegal memory vulnerability in the snmpd daemon of Juniper Networks Junos OS, Junos OS Evolved allows an attacker to halt the snmpd daemon causing a sustained Denial of Service (DoS) to the service until it is manually restarted. This issue impacts any version of SNMP – v1,v2, v3 This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S20; 15.1 versions prior to 15.1R7-S11; 18.3 versions prior to 18.3R3-S6; 18.4 versions prior to 18.4R2-S9, 18.4R3-S10; 19.1 ver

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages4 packages

CVEListV5juniper_networks/junos_os_evolvedunspecified21.2R3-EVO+1
CVEListV5juniper_networks/junos_os12.312.3R12-S20+13
NVDjuniper/junos_os_evolved21.2, 21.3+1
NVDjuniper/junos14 versions+13

🔴Vulnerability Details

2
GHSA
GHSA-5w5q-5c76-p78m: A release of illegal memory vulnerability in the snmpd daemon of Juniper Networks Junos OS, Junos OS Evolved allows an attacker to halt the snmpd daem2022-01-20
CVEList
Junos OS and Junos OS Evolved: After receiving a specific number of crafted packets snmpd will segmentation fault (SIGSEGV) requiring a manual restart.2022-01-19

📋Vendor Advisories

1
Juniper
CVE-2022-22177: A release of illegal memory vulnerability in the snmpd daemon of Juniper Networks Junos OS, Junos OS Evolved allows an attacker to halt the snmpd daem2022-01-19
CVE-2022-22177 — Networks Junos OS vulnerability | cvebase