CVE-2022-22171
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
19/01/2022
Last modified:
26/01/2022
Description
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause a Denial of Service (DoS) by sending specific packets over VXLAN which cause the PFE to reset. This issue affects: Juniper Networks Junos OS 19.4 versions prior to 19.4R3-S7; 20.1 versions prior to 20.1R3-S3; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S2; 20.4 versions prior to 20.4R3-S1; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R2; 21.3 versions prior to 21.3R1-S1, 21.3R2. This issue does not affect versions of Junos OS prior to 19.4R1.
Impact
Base Score 3.x
7.50
Severity 3.x
HIGH
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:juniper:junos:19.4:r1:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:19.4:r1-s1:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:19.4:r1-s2:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:19.4:r1-s3:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:19.4:r1-s4:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:19.4:r2:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:19.4:r2-s1:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:19.4:r2-s2:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:19.4:r2-s3:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:19.4:r2-s4:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:19.4:r2-s5:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:19.4:r3:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:19.4:r3-s1:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:19.4:r3-s2:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:19.4:r3-s3:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page