CVE-2022-22247
Junos OS Evolved: Kernel processing of unvalidated TCP segments could lead to a Denial of Service (DoS)
Vexday Risk Score
21 Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 7.5 | EPSS 0.6% | KEV no | PoC — | Nuclei — | Metasploit — | Patch —
Lifecycle
18 Oct 2022: Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
An Improper Input Validation vulnerability in ingress TCP segment processing of Juniper Networks Junos OS Evolved allows a network-based unauthenticated attacker to send a crafted TCP segment to the device, triggering a kernel panic, leading to a Denial of Service (DoS) condition. Continued receipt and processing of this TCP segment could create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS Evolved: 21.3 versions prior to 21.3R3-EVO; 21.4 versions prior to 21.4R2-EVO; 22.1 versions prior to 22.1R2-EVO. This issue does not affect Juniper Networks Junos OS Evolved versions prior to 21.3R1-EVO.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected products
Juniper Networks · Junos OS Evolved
References
https://kb.juniper.net/JSA69904