An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based, attacker to cause Denial of Service (DoS). A PFE crash will happen when a GPRS Tunnel Protocol (GTP) packet is received with a malformed field in the IP header of GTP encapsulated General Packet Radio Services (GPRS) traffic. The packet needs to match existing state which is outside the attackers control, so the issue cannot be directly exploited. The issue will only be observed when endpoint address validation is enabled. This issue affects Juniper Networks Junos OS on SRX Series: 20.2 versions prior to 20.2R3-S5; 20.3 versions prior to 20.3R3-S4; 20.4 versions prior to 20.4R3-S3; 21.1 versions prior to 21.1R3-S2; 21.2 versions prior to 21.2R3-S1; 21.3 versions prior to 21.3R3; 21.4 versions prior to 21.4R1-S2, 21.4R2; 22.1 versions prior to 22.1R1-S1, 22.1R2. This issue does not affect Juniper Networks Junos OS versions prior to 20.2R1.
References
| Link | Resource |
|---|---|
| https://kb.juniper.net/JSA69891 | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
History
21 Oct 2022, 19:01
| Type | Values Removed | Values Added |
|---|---|---|
| References | (CONFIRM) https://kb.juniper.net/JSA69891 - Vendor Advisory | |
| CWE | CWE-754 | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
| CPE | cpe:2.3:o:juniper:junos:20.2:r3-s4:*:*:*:*:*:* cpe:2.3:o:juniper:junos:20.2:r2:*:*:*:*:*:* cpe:2.3:h:juniper:srx550m:-:*:*:*:*:*:*:* cpe:2.3:o:juniper:junos:20.3:r3-s3:*:*:*:*:*:* cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:srx240m:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:srx550_hm:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:* cpe:2.3:o:juniper:junos:20.2:r3-s1:*:*:*:*:*:* cpe:2.3:o:juniper:junos:20.2:r1:*:*:*:*:*:* cpe:2.3:o:juniper:junos:20.3:r1-s1:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.3:r2-s1:*:*:*:*:*:* cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.2:r3:*:*:*:*:*:* cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.3:r2:*:*:*:*:*:* cpe:2.3:o:juniper:junos:20.2:r2-s2:*:*:*:*:*:* cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.1:r3:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.1:r1-s1:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.3:r2-s2:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.3:r1:*:*:*:*:*:* cpe:2.3:o:juniper:junos:20.2:r2-s1:*:*:*:*:*:* cpe:2.3:h:juniper:srx5000:-:*:*:*:*:*:*:* cpe:2.3:o:juniper:junos:20.3:r1-s2:*:*:*:*:*:* cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:srx240h2:-:*:*:*:*:*:*:* cpe:2.3:o:juniper:junos:20.4:r3:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.3:r1-s2:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.2:r2:*:*:*:*:*:* cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:* cpe:2.3:o:juniper:junos:20.4:r2-s2:*:*:*:*:*:* cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:* cpe:2.3:o:juniper:junos:20.2:r1-s1:*:*:*:*:*:* cpe:2.3:o:juniper:junos:20.2:-:*:*:*:*:*:* cpe:2.3:o:juniper:junos:20.2:r3:*:*:*:*:*:* cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:srx4000:-:*:*:*:*:*:*:* cpe:2.3:o:juniper:junos:20.3:-:*:*:*:*:*:* cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.2:r2-s2:*:*:*:*:*:* cpe:2.3:o:juniper:junos:22.1:r1:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.1:r2-s1:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.3:r1-s1:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:* cpe:2.3:o:juniper:junos:20.4:-:*:*:*:*:*:* cpe:2.3:o:juniper:junos:20.2:r3-s3:*:*:*:*:*:* cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:* cpe:2.3:o:juniper:junos:20.3:r1:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:* cpe:2.3:o:juniper:junos:20.4:r2-s1:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.3:-:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.1:r3-s1:*:*:*:*:*:* cpe:2.3:o:juniper:junos:20.3:r2-s1:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.1:r1:*:*:*:*:*:* cpe:2.3:o:juniper:junos:20.2:r3-s2:*:*:*:*:*:* cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:srx380:-:*:*:*:*:*:*:* cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:* cpe:2.3:o:juniper:junos:20.2:r1-s2:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.1:r2:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.2:r2-s1:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:* cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.2:r3-s1:*:*:*:*:*:* cpe:2.3:o:juniper:junos:20.2:r2-s3:*:*:*:*:*:* cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:* cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:* cpe:2.3:o:juniper:junos:20.3:r3-s1:*:*:*:*:*:* cpe:2.3:o:juniper:junos:20.4:r3-s2:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.1:r2-s2:*:*:*:*:*:* cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:* cpe:2.3:o:juniper:junos:20.3:r2:*:*:*:*:*:* cpe:2.3:o:juniper:junos:21.1:-:*:*:*:*:*:* cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:* cpe:2.3:o:juniper:junos:20.4:r3-s1:*:*:*:*:*:* cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:* cpe:2.3:o:juniper:junos:20.3:r3:*:*:*:*:*:* cpe:2.3:o:juniper:junos:20.3:r3-s2:*:*:*:*:*:* cpe:2.3:o:juniper:junos:20.2:r1-s3:*:*:*:*:*:* cpe:2.3:o:juniper:junos:20.4:r2:*:*:*:*:*:* |
18 Oct 2022, 03:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2022-10-18 03:15
Updated : 2024-02-04 22:51
NVD link : CVE-2022-22235
Mitre link : CVE-2022-22235
CVE.ORG link : CVE-2022-22235
JSON object : View
Products Affected
juniper
- srx550_hm
- srx550m
- srx650
- srx3600
- srx340
- srx300
- srx240h2
- srx110
- srx380
- srx4000
- srx4200
- srx4100
- srx210
- srx3400
- srx1500
- srx240
- junos
- srx100
- srx4600
- srx550
- srx5800
- srx240m
- srx320
- srx5000
- srx5400
- srx345
- srx220
- srx5600
- srx1400
CWE
CWE-754
Improper Check for Unusual or Exceptional Conditions