CVE-2022-22231
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
18/10/2022
Last modified:
27/06/2023
Description
An Unchecked Return Value to NULL Pointer Dereference vulnerability in Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). On SRX Series if Unified Threat Management (UTM) Enhanced Content Filtering (CF) and AntiVirus (AV) are enabled together and the system processes specific valid transit traffic the Packet Forwarding Engine (PFE) will crash and restart. This issue affects Juniper Networks Junos OS 21.4 versions prior to 21.4R1-S2, 21.4R2 on SRX Series. This issue does not affect Juniper Networks Junos OS versions prior to 21.4R1.
Impact
Base Score 3.x
7.50
Severity 3.x
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:* | ||
| cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page