CVE-2022-22195

{"id": "CVE-2022-22195", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "sirt@juniper.net", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2022-04-14T16:15:08.473", "references": [{"url": "https://kb.juniper.net/JSA69508", "tags": ["Vendor Advisory"], "source": "sirt@juniper.net"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "sirt@juniper.net", "description": [{"lang": "en", "value": "CWE-911"}]}], "descriptions": [{"lang": "en", "value": "An Improper Update of Reference Count vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to trigger a counter overflow, eventually causing a Denial of Service (DoS). This issue affects Juniper Networks Junos OS Evolved: All versions prior to 20.4R3-S1-EVO; 21.1 versions prior to 21.1R3-EVO; 21.2 versions prior to 21.2R3-EVO; 21.3 versions prior to 21.3R2-EVO. This issue does not affect Juniper Networks Junos OS."}, {"lang": "es", "value": "Una vulnerabilidad de Actualizaci\u00f3n Inapropiada del Recuento de Referencias en el kernel de Juniper Networks Junos OS Evolved permite a un atacante no autenticado y basado en la red desencadenar un desbordamiento del contador, causando eventualmente una Denegaci\u00f3n de Servicio (DoS). Este problema afecta a Juniper Networks Junos OS Evolved: Todas las versiones anteriores a 20.4R3-S1-EVO; versiones 21.1 anteriores a 21.1R3-EVO; versiones 21.2 anteriores a 21.2R3-EVO; versiones 21.3 anteriores a 21.3R2-EVO. Este problema no afecta a Juniper Networks Junos OS"}], "lastModified": "2022-04-21T09:55:35.627", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos_os_evolved:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0F41A7DF-2B27-4E2E-ABFC-E0510A028199", "versionEndExcluding": "20.4"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.4:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C9C8866D-162F-4C9B-8167-2FBA25410368"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.4:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F85E5BC7-8607-4330-AA72-2273D32F8604"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.4:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "878C81C9-A418-4A21-8FDB-2116A992679C"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.4:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7451A671-A3CC-4904-8D45-947B1D3783C9"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.4:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0108AD20-EAE6-41D1-AE48-254C46B5388A"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.4:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "44FBCA6F-EB05-4EE4-85FD-944BDAF7D81B"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.4:r2-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E554FD12-FE69-44D1-B2C9-4382F8CA4456"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.4:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E0C1D53E-70BE-4246-89ED-1074C8C70747"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.1:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AE674DD3-3590-4434-B144-5AD7EB5F039D"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.1:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0099BDA9-9D4B-4D6C-8234-EFD9E8C63476"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.1:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D8729BC1-FB09-4E6D-A5D5-8BDC589555B6"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3EA3DC63-B290-4D15-BEF9-21DEF36CA2EA"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7E1E57AF-979B-4022-8AD6-B3558E06B718"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.2:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7BA246F0-154E-4F44-A97B-690D22FA73DD"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.3:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5A4DD04A-DE52-46BE-8C34-8DB47F7500F0"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.3:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FEE0E145-8E1C-446E-90ED-237E3B9CAF47"}], "operator": "OR"}]}], "sourceIdentifier": "sirt@juniper.net"}