CVE-2022-22224 — Improper Check or Handling of Exceptional Conditions in Networks Junos OS

CWE-703 — Improper Check or Handling of Exceptional Conditions4 documents4 sources

Severity

6.5MEDIUMNVD

EPSS

0.1%

top 71.14%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Juniper Networks Junos OS Juniper Networks Junos OS Evolved Juniper Junos +1 more

Timeline

PublishedOct 18

Description

An Improper Check or Handling of Exceptional Conditions vulnerability in the processing of a malformed OSPF TLV in Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker to cause the periodic packet management daemon (PPMD) process to go into an infinite loop, which in turn can cause protocols and functions reliant on PPMD such as OSPF neighbor reachability to be impacted, resulting in a sustained Denial of Service (DoS) condition. The DoS condition persists u…

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages4 packages

▶CVEListV5juniper_networks/junos_os_evolvedunspecified — 20.4R3-S3-EVO+1

▶CVEListV5juniper_networks/junos_osunspecified — 19.1R3-S9+8

▶NVDjuniper/junos_os_evolved< 20.4+2

▶NVDjuniper/junos< 19.1+9

🔴Vulnerability Details

CVEList

Junos OS and Junos OS Evolved: PPMD goes into infinite loop upon receipt of malformed OSPF TLV↗2022-10-18

▶

GHSA

GHSA-cfr4-7372-927c: An Improper Check or Handling of Exceptional Conditions vulnerability in the processing of a malformed OSPF TLV in Juniper Networks Junos OS and Junos↗2022-10-18

▶

📋Vendor Advisories

Juniper

CVE-2022-22224: An Improper Check or Handling of Exceptional Conditions vulnerability in the processing of a malformed OSPF TLV in Juniper Networks Junos OS and Junos↗2022-10-18

▶