An Improper Access Control vulnerability in Juniper Networks Junos OS Evolved allows a network-based unauthenticated attacker who is able to connect to a specific open IPv4 port, which in affected releases should otherwise be unreachable, to cause the CPU to consume all resources as more traffic is sent to the port to create a Denial of Service (DoS) condition. Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS Evolved 20.4 versions prior to 20.4R3-S2-EVO; 21.1 versions prior to 21.1R3-S1-EVO; 21.2 versions prior to 21.2R3-EVO; 21.3 versions prior to 21.3R2-EVO; 21.4 versions prior to 21.4R2-EVO. This issue does not affect Junos OS.
References
Link | Resource |
---|---|
https://kb.juniper.net/JSA69516 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
27 Jun 2023, 19:01
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-284 CWE-16 |
NVD-CWE-Other |
23 Apr 2022, 02:25
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 7.8
v3 : 7.5 |
CPE | cpe:2.3:o:juniper:junos_os_evolved:21.2:r1-s2:*:*:*:*:*:* cpe:2.3:o:juniper:junos_os_evolved:20.4:r3:*:*:*:*:*:* cpe:2.3:o:juniper:junos_os_evolved:21.1:r1:*:*:*:*:*:* cpe:2.3:o:juniper:junos_os_evolved:21.1:r3:*:*:*:*:*:* cpe:2.3:o:juniper:junos_os_evolved:21.2:r1-s1:*:*:*:*:*:* cpe:2.3:o:juniper:junos_os_evolved:20.4:r3-s1:*:*:*:*:*:* cpe:2.3:o:juniper:junos_os_evolved:21.3:r1:*:*:*:*:*:* cpe:2.3:o:juniper:junos_os_evolved:20.4:r1:*:*:*:*:*:* cpe:2.3:o:juniper:junos_os_evolved:20.4:r2-s2:*:*:*:*:*:* cpe:2.3:o:juniper:junos_os_evolved:21.1:r2:*:*:*:*:*:* cpe:2.3:o:juniper:junos_os_evolved:21.4:r1-s1:*:*:*:*:*:* cpe:2.3:o:juniper:junos_os_evolved:21.3:r1-s1:*:*:*:*:*:* cpe:2.3:o:juniper:junos_os_evolved:20.4:r2-s1:*:*:*:*:*:* cpe:2.3:o:juniper:junos_os_evolved:21.1:r1-s1:*:*:*:*:*:* cpe:2.3:o:juniper:junos_os_evolved:20.4:r1-s2:*:*:*:*:*:* cpe:2.3:o:juniper:junos_os_evolved:21.2:r1:*:*:*:*:*:* cpe:2.3:o:juniper:junos_os_evolved:21.4:r1:*:*:*:*:*:* cpe:2.3:o:juniper:junos_os_evolved:21.2:r2-s2:*:*:*:*:*:* cpe:2.3:o:juniper:junos_os_evolved:21.2:r2-s1:*:*:*:*:*:* cpe:2.3:o:juniper:junos_os_evolved:20.4:r2:*:*:*:*:*:* cpe:2.3:o:juniper:junos_os_evolved:20.4:r2-s3:*:*:*:*:*:* cpe:2.3:o:juniper:junos_os_evolved:20.4:r1-s1:*:*:*:*:*:* cpe:2.3:o:juniper:junos_os_evolved:21.2:r2:*:*:*:*:*:* |
|
References | (CONFIRM) https://kb.juniper.net/JSA69516 - Vendor Advisory |
14 Apr 2022, 16:38
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-04-14 16:15
Updated : 2024-02-04 22:29
NVD link : CVE-2022-22183
Mitre link : CVE-2022-22183
CVE.ORG link : CVE-2022-22183
JSON object : View
Products Affected
juniper
- junos_os_evolved
CWE
NVD-CWE-Other
CWE-16
Configuration
CWE-200Exposure of Sensitive Information to an Unauthorized Actor
CWE-284Improper Access Control