CVE-2022-22212
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
20/07/2022
Last modified:
29/07/2022
Description
An Allocation of Resources Without Limits or Throttling vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS Evolved allows unauthenticated network based attacker to cause a Denial of Service (DoS). On all Junos Evolved platforms hostbound protocols will be impacted by a high rate of specific hostbound traffic from ports on a PFE. Continued receipt of this amount of traffic will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS Evolved: 21.2 versions prior to 21.2R3-EVO; 21.3 versions prior to 21.3R2-EVO. This issue does not affect Juniper Networks Junos OS Evolved versions prior to 21.2R1.
Impact
Base Score 3.x
7.50
Severity 3.x
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:juniper:junos_os_evolved:21.2:-:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos_os_evolved:21.2:r1:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos_os_evolved:21.2:r1-s1:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos_os_evolved:21.2:r1-s2:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos_os_evolved:21.2:r2:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos_os_evolved:21.2:r2-s1:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos_os_evolved:21.2:r2-s2:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos_os_evolved:21.3:-:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos_os_evolved:21.3:r1:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos_os_evolved:21.3:r1-s1:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page