CVE-2022-22203

Summary

An Incorrect Comparison vulnerability in PFE of Juniper Networks Junos OS allows an adjacent unauthenticated attacker to cause a Denial of Service (DoS). On QFX5000 Series, and EX4600 and EX4650 platforms, the fxpc process will crash followed by the FPC reboot upon receipt of a specific hostbound packet. Continued receipt of these specific packets will create a sustained Denial of Service (DoS) condition. This issue only affects Juniper Networks Junos OS 19.4 version 19.4R3-S4.

Affected Software

VendorProductVersion RangeStatus
Juniper NetworksJunos OSunspecified < 19.4R3-S4unaffected
Juniper NetworksJunos OS19.4 < 19.4R3-S5affected

Weaknesses

  • CWE-697: CWE-697 Incorrect Comparison
  • Denial of Service (DoS)

Workarounds

There are no viable workarounds for this issue.

ADP Enrichment

CVE Program Container

Additional References

References