Lucene search
HistoryOct 18, 2022 - 3:15 a.m.
CVE-2022-22230
cve-2022-22230
improper input validation
vulnerability
juniper networks
junos os
junos os evolved
routing protocol daemon
dos
nvd
6.5 Medium
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
21.6%
An Improper Input Validation vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent unauthenticated attacker to cause DoS (Denial of Service). If another router generates more than one specific valid OSPFv3 LSA then rpd will crash while processing these LSAs. This issue only affects systems configured with OSPFv3, while OSPFv2 is not affected. This issue affects: Juniper Networks Junos OS 19.2 versions prior to 19.2R3-S6; 19.3 version 19.3R2 and later versions; 19.4 versions prior to 19.4R2-S8, 19.4R3-S9; 20.1 version 20.1R1 and later versions; 20.2 versions prior to 20.2R3-S5; 20.3 versions prior to 20.3R3-S5; 20.4 versions prior to 20.4R3-S4; 21.1 versions prior to 21.1R3-S2; 21.2 versions prior to 21.2R3-S1; 21.3 versions prior to 21.3R3-S2; 21.4 versions prior to 21.4R2. Juniper Networks Junos OS Evolved All versions prior to 20.4R3-S5-EVO; 21.1-EVO versions prior to 21.1R3-S2-EVO; 21.2-EVO versions prior to 21.2R3-S1-EVO; 21.3-EVO versions prior to 21.3R3-S2-EVO; 21.4-EVO versions prior to 21.4R2-EVO; 22.1-EVO versions prior to 22.1R2-EVO; 22.2-EVO versions prior to 22.2R2-EVO. This issue does not affect Juniper Networks Junos OS 19.2 versions prior to 19.2R2.
Affected configurations
Node
juniperjunosMatch19.2r2
ORjuniperjunosMatch19.2r2-s1
ORjuniperjunosMatch19.2r3
ORjuniperjunosMatch19.2r3-s1
ORjuniperjunosMatch19.2r3-s2
ORjuniperjunosMatch19.2r3-s3
ORjuniperjunosMatch19.2r3-s4
ORjuniperjunosMatch19.2r3-s5
ORjuniperjunosMatch19.3-
ORjuniperjunosMatch19.3r1
ORjuniperjunosMatch19.3r1-s1
ORjuniperjunosMatch19.4-
ORjuniperjunosMatch19.4r1
ORjuniperjunosMatch19.4r1-s1
ORjuniperjunosMatch19.4r1-s2
ORjuniperjunosMatch19.4r1-s3
ORjuniperjunosMatch19.4r1-s4
ORjuniperjunosMatch19.4r2
ORjuniperjunosMatch19.4r2-s1
ORjuniperjunosMatch19.4r2-s2
ORjuniperjunosMatch19.4r2-s3
ORjuniperjunosMatch19.4r2-s4
ORjuniperjunosMatch19.4r2-s5
ORjuniperjunosMatch19.4r2-s6
ORjuniperjunosMatch19.4r2-s7
ORjuniperjunosMatch19.4r3
ORjuniperjunosMatch19.4r3-s1
ORjuniperjunosMatch19.4r3-s2
ORjuniperjunosMatch19.4r3-s3
ORjuniperjunosMatch19.4r3-s4
ORjuniperjunosMatch19.4r3-s5
ORjuniperjunosMatch19.4r3-s6
ORjuniperjunosMatch19.4r3-s7
ORjuniperjunosMatch19.4r3-s8
ORjuniperjunosMatch20.1r1
ORjuniperjunosMatch20.1r1-s1
ORjuniperjunosMatch20.1r1-s2
ORjuniperjunosMatch20.1r1-s3
ORjuniperjunosMatch20.1r1-s4
ORjuniperjunosMatch20.1r2
ORjuniperjunosMatch20.1r2-s1
ORjuniperjunosMatch20.1r2-s2
ORjuniperjunosMatch20.1r3
ORjuniperjunosMatch20.1r3-s1
ORjuniperjunosMatch20.1r3-s2
ORjuniperjunosMatch20.1r3-s3
ORjuniperjunosMatch20.2-
ORjuniperjunosMatch20.2r1
ORjuniperjunosMatch20.2r1-s1
ORjuniperjunosMatch20.2r1-s2
ORjuniperjunosMatch20.2r1-s3
ORjuniperjunosMatch20.2r2
ORjuniperjunosMatch20.2r2-s1
ORjuniperjunosMatch20.2r2-s2
ORjuniperjunosMatch20.2r2-s3
ORjuniperjunosMatch20.2r3
ORjuniperjunosMatch20.2r3-s1
ORjuniperjunosMatch20.2r3-s2
ORjuniperjunosMatch20.2r3-s3
ORjuniperjunosMatch20.2r3-s4
ORjuniperjunosMatch20.3-
ORjuniperjunosMatch20.3r1
ORjuniperjunosMatch20.3r1-s1
ORjuniperjunosMatch20.3r1-s2
ORjuniperjunosMatch20.3r2
ORjuniperjunosMatch20.3r2-s1
ORjuniperjunosMatch20.3r3
ORjuniperjunosMatch20.3r3-s1
ORjuniperjunosMatch20.3r3-s2
ORjuniperjunosMatch20.3r3-s3
ORjuniperjunosMatch20.3r3-s4
ORjuniperjunosMatch20.4-
ORjuniperjunosMatch20.4r1
ORjuniperjunosMatch20.4r1-s1
ORjuniperjunosMatch20.4r2
ORjuniperjunosMatch20.4r2-s1
ORjuniperjunosMatch20.4r2-s2
ORjuniperjunosMatch20.4r3
ORjuniperjunosMatch20.4r3-s1
ORjuniperjunosMatch20.4r3-s2
ORjuniperjunosMatch20.4r3-s3
ORjuniperjunosMatch21.1-
ORjuniperjunosMatch21.1r1
ORjuniperjunosMatch21.1r1-s1
ORjuniperjunosMatch21.1r2
ORjuniperjunosMatch21.1r2-s1
ORjuniperjunosMatch21.1r2-s2
ORjuniperjunosMatch21.1r3
ORjuniperjunosMatch21.1r3-s1
ORjuniperjunosMatch21.2-
ORjuniperjunosMatch21.2r1
ORjuniperjunosMatch21.2r1-s1
ORjuniperjunosMatch21.2r1-s2
ORjuniperjunosMatch21.2r2
ORjuniperjunosMatch21.2r2-s1
ORjuniperjunosMatch21.2r2-s2
ORjuniperjunosMatch21.2r3
ORjuniperjunosMatch21.3-
ORjuniperjunosMatch21.3r1
ORjuniperjunosMatch21.3r1-s1
ORjuniperjunosMatch21.3r1-s2
ORjuniperjunosMatch21.3r2
ORjuniperjunosMatch21.3r2-s1
ORjuniperjunosMatch21.3r2-s2
ORjuniperjunosMatch21.3r3
ORjuniperjunosMatch21.3r3-s1
ORjuniperjunosMatch21.4-
ORjuniperjunosMatch21.4r1
ORjuniperjunosMatch21.4r1-s1
ORjuniperjunosMatch21.4r1-s2
Node
juniperjunos_os_evolvedMatch18.3r1
ORjuniperjunos_os_evolvedMatch19.1r1
ORjuniperjunos_os_evolvedMatch19.1r2
ORjuniperjunos_os_evolvedMatch19.2r1
ORjuniperjunos_os_evolvedMatch19.2r2
ORjuniperjunos_os_evolvedMatch19.3r1
ORjuniperjunos_os_evolvedMatch19.3r2
ORjuniperjunos_os_evolvedMatch19.4r1
ORjuniperjunos_os_evolvedMatch19.4r1-s1
ORjuniperjunos_os_evolvedMatch19.4r2
ORjuniperjunos_os_evolvedMatch19.4r2-s1
ORjuniperjunos_os_evolvedMatch19.4r2-s2
ORjuniperjunos_os_evolvedMatch20.1-
ORjuniperjunos_os_evolvedMatch20.1r1
ORjuniperjunos_os_evolvedMatch20.1r1-s1
ORjuniperjunos_os_evolvedMatch20.1r2
ORjuniperjunos_os_evolvedMatch20.1r2-s1
ORjuniperjunos_os_evolvedMatch20.1r2-s2
ORjuniperjunos_os_evolvedMatch20.1r2-s3
ORjuniperjunos_os_evolvedMatch20.1r2-s4
ORjuniperjunos_os_evolvedMatch20.1r2-s5
ORjuniperjunos_os_evolvedMatch20.1r3
ORjuniperjunos_os_evolvedMatch20.2-
ORjuniperjunos_os_evolvedMatch20.2r1
ORjuniperjunos_os_evolvedMatch20.2r1-s1
ORjuniperjunos_os_evolvedMatch20.2r2
ORjuniperjunos_os_evolvedMatch20.2r2-s1
ORjuniperjunos_os_evolvedMatch20.2r3
ORjuniperjunos_os_evolvedMatch20.3-
ORjuniperjunos_os_evolvedMatch20.3r1
ORjuniperjunos_os_evolvedMatch20.3r1-s1
ORjuniperjunos_os_evolvedMatch20.3r1-s2
ORjuniperjunos_os_evolvedMatch20.3r1-s3
ORjuniperjunos_os_evolvedMatch20.3r2
ORjuniperjunos_os_evolvedMatch20.4-
ORjuniperjunos_os_evolvedMatch20.4r1
ORjuniperjunos_os_evolvedMatch20.4r1-s1
ORjuniperjunos_os_evolvedMatch20.4r1-s2
ORjuniperjunos_os_evolvedMatch20.4r2
ORjuniperjunos_os_evolvedMatch20.4r2-s1
ORjuniperjunos_os_evolvedMatch20.4r2-s2
ORjuniperjunos_os_evolvedMatch20.4r2-s3
ORjuniperjunos_os_evolvedMatch20.4r3
ORjuniperjunos_os_evolvedMatch20.4r3-s1
ORjuniperjunos_os_evolvedMatch20.4r3-s2
ORjuniperjunos_os_evolvedMatch20.4r3-s3
ORjuniperjunos_os_evolvedMatch20.4r3-s4
ORjuniperjunos_os_evolvedMatch21.1-
ORjuniperjunos_os_evolvedMatch21.1r1
ORjuniperjunos_os_evolvedMatch21.1r1-s1
ORjuniperjunos_os_evolvedMatch21.1r2
ORjuniperjunos_os_evolvedMatch21.1r3
ORjuniperjunos_os_evolvedMatch21.1r3-s1
ORjuniperjunos_os_evolvedMatch21.2-
ORjuniperjunos_os_evolvedMatch21.2r1
ORjuniperjunos_os_evolvedMatch21.2r1-s1
ORjuniperjunos_os_evolvedMatch21.2r1-s2
ORjuniperjunos_os_evolvedMatch21.2r2
ORjuniperjunos_os_evolvedMatch21.2r2-s1
ORjuniperjunos_os_evolvedMatch21.2r2-s2
ORjuniperjunos_os_evolvedMatch21.2r3
ORjuniperjunos_os_evolvedMatch21.3-
ORjuniperjunos_os_evolvedMatch21.3r1
ORjuniperjunos_os_evolvedMatch21.3r1-s1
ORjuniperjunos_os_evolvedMatch21.3r2
ORjuniperjunos_os_evolvedMatch21.3r3
ORjuniperjunos_os_evolvedMatch21.4-
ORjuniperjunos_os_evolvedMatch21.4r1
ORjuniperjunos_os_evolvedMatch21.4r1-s1
ORjuniperjunos_os_evolvedMatch22.1r1
ORjuniperjunos_os_evolvedMatch22.2r1
CNA Affected
[
{
"vendor": "Juniper Networks",
"product": "Junos OS",
"versions": [
{
"version": "19.2",
"status": "affected",
"lessThan": "19.2R3-S6",
"versionType": "custom",
"changes": [
{
"at": "19.2R2",
"status": "affected"
}
]
},
{
"version": "19.3R2",
"status": "affected",
"lessThan": "19.3*",
"versionType": "custom"
},
{
"version": "19.4",
"status": "affected",
"lessThan": "19.4R2-S8, 19.4R3-S9",
"versionType": "custom"
},
{
"version": "20.1R1",
"status": "affected",
"lessThan": "20.1*",
"versionType": "custom"
},
{
"version": "20.2",
"status": "affected",
"lessThan": "20.2R3-S5",
"versionType": "custom"
},
{
"version": "20.3",
"status": "affected",
"lessThan": "20.3R3-S5",
"versionType": "custom"
},
{
"version": "20.4",
"status": "affected",
"lessThan": "20.4R3-S4",
"versionType": "custom"
},
{
"version": "21.1",
"status": "affected",
"lessThan": "21.1R3-S2",
"versionType": "custom"
},
{
"version": "21.2",
"status": "affected",
"lessThan": "21.2R3-S1",
"versionType": "custom"
},
{
"version": "21.3",
"status": "affected",
"lessThan": "21.3R3-S2",
"versionType": "custom"
},
{
"version": "21.4",
"status": "affected",
"lessThan": "21.4R2",
"versionType": "custom"
}
]
},
{
"vendor": "Juniper Networks",
"product": "Junos OS Evolved",
"versions": [
{
"version": "unspecified",
"lessThan": "20.4R3-S5-EVO",
"status": "affected",
"versionType": "custom"
},
{
"version": "21.1-EVO",
"status": "affected",
"lessThan": "21.1R3-S2-EVO",
"versionType": "custom"
},
{
"version": "21.2-EVO",
"status": "affected",
"lessThan": "21.2R3-S1-EVO",
"versionType": "custom"
},
{
"version": "21.3-EVO",
"status": "affected",
"lessThan": "21.3R3-S2-EVO",
"versionType": "custom"
},
{
"version": "21.4-EVO",
"status": "affected",
"lessThan": "21.4R2-EVO",
"versionType": "custom"
},
{
"version": "22.1-EVO",
"status": "affected",
"lessThan": "22.1R2-EVO",
"versionType": "custom"
},
{
"version": "22.2-EVO",
"status": "affected",
"lessThan": "22.2R2-EVO",
"versionType": "custom"
}
]
}
]References
Social References
More
Related
prion
prion
Input validation
2022-10-18 03:15:00
cvelist
cvelist
nvd
nvd
CVE-2022-22230
2022-10-18 03:15:10
nessus
nessus
Juniper Junos OS Vulnerability (JSA69884)
2022-10-12 00:00:00
6.5 Medium
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
21.6%
Related for CVE-2022-22230