CVE-2022-22217: Improper Check for Unusual or Exceptional Conditions in Juniper Networks Junos OS

Severity
NVD: 6.5 MEDIUM
CNA: 6.1
EPSS: 0.2% (top 52.50%)
CISA KEV: Not in KEV
Exploit: No known exploits

Timeline
Published: Jul 20
Latest update: Jul 21

Description

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an adjacent unauthenticated attacker to cause a Denial of Service (DoS). The issue is caused by malformed MLD packets looping on a multi-homed Ethernet Segment Identifier (ESI) when VXLAN is configured. These MLD packets received on a multi-homed ESI are sent to the peer, and then incorrectly forwarded out the same ESI, violating the split horizon rule.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 2.8 | Impact: 3.6

Affected Packages (2 packages)

CVEListV5 | juniper_networks/junos_os | unspecified | 19.1R3-S9 | +10
NVD | juniper/junos | < 19.1 | +11

🔴 Vulnerability Details (2)

GHSA (2022-07-21)
GHSA-5jf5-gh36-x52q: An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an adj

CVEList (2022-07-20)
Junos OS: QFX10K Series: Denial of Service (DoS) upon receipt of crafted MLD packets on multi-homing ESI in VXLAN

📋 Vendor Advisories (1)

Juniper (2022-07-20)
CVE-2022-22217: An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an adj
CVE-2022-22217 — Networks Junos OS vulnerability | cvebase