CVE-2022-22212Allocation of Resources Without Limits or Throttling in Networks Junos OS Evolved

CWE-770Allocation of Resources Without Limits or Throttling4 documents4 sources
Severity
7.5HIGHNVD
EPSS
0.4%
top 36.75%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Juniper Networks Junos OS EvolvedJuniper Junos OS Evolved
Timeline
PublishedJul 20
Latest updateJul 21

Description

An Allocation of Resources Without Limits or Throttling vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved allows unauthenticated network based attacker to cause a Denial of Service (DoS). On all Junos Evolved platforms hostbound protocols will be impacted by a high rate of specific hostbound traffic from ports on a PFE. Continued receipt of this amount of traffic will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

CVEListV5juniper_networks/junos_os_evolved21.221.2R3-EVO+1
NVDjuniper/junos_os_evolved21.2, 21.3+1

🔴Vulnerability Details

2
GHSA
GHSA-3f3p-8vhv-qrj8: An Allocation of Resources Without Limits or Throttling vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved allow2022-07-21
CVEList
Junos OS Evolved: A high rate of specific hostbound traffic will cause unexpected hostbound traffic delays or drops2022-07-20

📋Vendor Advisories

1
Juniper
CVE-2022-22212: An Allocation of Resources Without Limits or Throttling vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved allow2022-07-20
CVE-2022-22212 — HIGH severity | cvebase