CVE-2022-22201
published 2022-10-18

Severity: High, 7.5 (CVSS 3.1)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
An Improper Validation of Specified Index, Position, or Offset in Input vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated network-based attacker to cause a Denial of Service (DoS). On SRX5000 Series with SPC3, SRX4000 Series, and vSRX, when PowerMode IPsec is configured and a malformed ESP packet matching an established IPsec tunnel is received, the PFE crashes. This issue affects Juniper Networks Junos OS on SRX5000 Series with SPC3, SRX4000 Series, and vSRX: All versions prior to 19.4R2-S6, 19.4R3-S7; 20.1 versions prior to 20.1R3-S3; 20.2 versions prior to 20.2R3-S4; 20.3 versions prior to 20.3R3-S3; 20.4 versions prior to 20.4R3-S2; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R3; 21.3 versions prior to 21.3R1-S2, 21.3R2.

Affected

19 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| juniper | junos | < 19.4 | 19.4 |
| juniper | junos | | |
| juniper | junos | | |
| juniper | junos | | |
| juniper | junos | | |
| juniper | junos | | |
| juniper | junos | | |
| juniper | junos | | |
| juniper | junos | | |
| juniper | junos_os | | |
| juniper | srx_series | | |
| juniper_networks | junos_os | >= 20.1 < 20.1R3-S3 | 20.1R3-S3 |
| juniper_networks | junos_os | >= 20.2 < 20.2R3-S4 | 20.2R3-S4 |
| juniper_networks | junos_os | >= 20.3 < 20.3R3-S3 | 20.3R3-S3 |
| juniper_networks | junos_os | >= 20.4 < 20.4R3-S2 | 20.4R3-S2 |
| juniper_networks | junos_os | >= 21.1 < 21.1R3 | 21.1R3 |
| juniper_networks | junos_os | >= 21.2 < 21.2R3 | 21.2R3 |
| juniper_networks | junos_os | >= 21.3 < 21.3R1-S2, 21.3R2 | 21.3R1-S2, 21.3R2 |
| juniper_networks | junos_os | >= unspecified < 19.4R2-S6, 19.4R3-S7 | 19.4R2-S6, 19.4R3-S7 |