CVE-2022-22247

Summary

An Improper Input Validation vulnerability in ingress TCP segment processing of Juniper Networks Junos OS Evolved allows a network-based unauthenticated attacker to send a crafted TCP segment to the device, triggering a kernel panic, leading to a Denial of Service (DoS) condition. Continued receipt and processing of this TCP segment could create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS Evolved: 21.3 versions prior to 21.3R3-EVO; 21.4 versions prior to 21.4R2-EVO; 22.1 versions prior to 22.1R2-EVO. This issue does not affect Juniper Networks Junos OS Evolved versions prior to 21.3R1-EVO.

Affected Software

VendorProductVersion RangeStatus
Juniper NetworksJunos OS Evolvedunspecified < 21.3R1-EVOunaffected
Juniper NetworksJunos OS Evolved21.3-EVO < 21.3R3-EVOaffected
Juniper NetworksJunos OS Evolved21.4-EVO < 21.4R2-EVOaffected
Juniper NetworksJunos OS Evolved22.1-EVO < 22.1R2-EVOaffected

Weaknesses

  • CWE-20: CWE-20 Improper Input Validation
  • Denial of Service (DoS)

Workarounds

There are no viable workarounds for this issue.

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References