CVE-2022-22247

{"id": "CVE-2022-22247", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "sirt@juniper.net", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2022-10-18T03:15:11.387", "references": [{"url": "https://kb.juniper.net/JSA69904", "tags": ["Vendor Advisory"], "source": "sirt@juniper.net"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}, {"type": "Secondary", "source": "sirt@juniper.net", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "An Improper Input Validation vulnerability in ingress TCP segment processing of Juniper Networks Junos OS Evolved allows a network-based unauthenticated attacker to send a crafted TCP segment to the device, triggering a kernel panic, leading to a Denial of Service (DoS) condition. Continued receipt and processing of this TCP segment could create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS Evolved: 21.3 versions prior to 21.3R3-EVO; 21.4 versions prior to 21.4R2-EVO; 22.1 versions prior to 22.1R2-EVO. This issue does not affect Juniper Networks Junos OS Evolved versions prior to 21.3R1-EVO."}, {"lang": "es", "value": "Una vulnerabilidad de Comprobaci\u00f3n de Entrada Inapropiada en el procesamiento de segmentos TCP de entrada de Juniper Networks Junos OS Evolved permite a un atacante no autenticado basado en la red enviar un segmento TCP dise\u00f1ado al dispositivo, desencadenando un p\u00e1nico del n\u00facleo, conllevando a una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS). La recepci\u00f3n y el procesamiento continuados de este segmento TCP podr\u00edan crear una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS) sostenida. Este problema afecta a Juniper Networks Junos OS Evolved: versiones 21.3 anteriores a 21.3R3-EVO; versiones 21.4 anteriores a 21.4R2-EVO; versiones 22.1 anteriores a 22.1R2-EVO. Este problema no afecta a las versiones de Junos OS Evolved de Juniper Networks anteriores a 21.3R1-EVO"}], "lastModified": "2022-10-20T15:19:07.033", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.3:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4EC38173-44AB-43D5-8C27-CB43AD5E0B2E"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.3:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5A4DD04A-DE52-46BE-8C34-8DB47F7500F0"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.3:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FEE0E145-8E1C-446E-90ED-237E3B9CAF47"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.3:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0F26369D-21B2-4C6A-98C1-492692A61283"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2E907193-075E-45BC-9257-9607DB790D71"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8B73A41D-3FF5-4E53-83FF-74DF58E0D6C3"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.4:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CEDF46A8-FC3A-4779-B695-2CA11D045AEB"}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:22.1:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "750FE748-82E7-4419-A061-2DEA26E35309"}], "operator": "OR"}]}], "sourceIdentifier": "sirt@juniper.net"}