Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2022-22249
HistoryOct 18, 2022 - 3:15 a.m.

CVE-2022-22249

2022-10-1803:15:11
CWE-664
[email protected]
web.nvd.nist.gov
91
5
cve-2022-22249
juniper networks
junos os
mx series
dos
vulnerability
nvd
security advisory

6.5 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

31.4%

JSON

An Improper Control of a Resource Through its Lifetime vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series allows an unauthenticated adjacent attacker to cause a Denial of Service (DoS). When there is a continuous mac move a memory corruption causes one or more FPCs to crash and reboot. These MAC moves can be between two local interfaces or between core/EVPN and local interface. The below error logs can be seen in PFE syslog when this issue happens: xss_event_handler(1071): EA[0:0]_PPE 46.xss[0] ADDR Error. ppe_error_interrupt(4298): EA[0:0]_PPE 46 Errors sync xtxn error xss_event_handler(1071): EA[0:0]_PPE 1.xss[0] ADDR Error. ppe_error_interrupt(4298): EA[0:0]_PPE 1 Errors sync xtxn error xss_event_handler(1071): EA[0:0]_PPE 2.xss[0] ADDR Error. This issue affects Juniper Networks Junos OS on MX Series: All versions prior to 15.1R7-S13; 19.1 versions prior to 19.1R3-S9; 19.2 versions prior to 19.2R3-S6; 19.3 versions prior to 19.3R3-S6; 19.4 versions prior to 19.4R2-S7, 19.4R3-S8; 20.1 version 20.1R1 and later versions; 20.2 versions prior to 20.2R3-S5; 20.3 versions prior to 20.3R3-S5; 20.4 versions prior to 20.4R3-S2; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R3; 21.3 versions prior to 21.3R2.

Affected configurations

NVD
Node
juniperjunosRange<15.1
OR
juniperjunosMatch15.1-
OR
juniperjunosMatch15.1a1
OR
juniperjunosMatch15.1f1
OR
juniperjunosMatch15.1f2
OR
juniperjunosMatch15.1f2-s1
OR
juniperjunosMatch15.1f2-s2
OR
juniperjunosMatch15.1f2-s3
OR
juniperjunosMatch15.1f2-s4
OR
juniperjunosMatch15.1f3
OR
juniperjunosMatch15.1f4
OR
juniperjunosMatch15.1f5
OR
juniperjunosMatch15.1f5-s7
OR
juniperjunosMatch15.1f6
OR
juniperjunosMatch15.1f6-s1
OR
juniperjunosMatch15.1f6-s10
OR
juniperjunosMatch15.1f6-s12
OR
juniperjunosMatch15.1f6-s2
OR
juniperjunosMatch15.1f6-s3
OR
juniperjunosMatch15.1f6-s4
OR
juniperjunosMatch15.1f6-s5
OR
juniperjunosMatch15.1f6-s6
OR
juniperjunosMatch15.1f6-s7
OR
juniperjunosMatch15.1f6-s8
OR
juniperjunosMatch15.1f6-s9
OR
juniperjunosMatch15.1f7
OR
juniperjunosMatch15.1r1
OR
juniperjunosMatch15.1r2
OR
juniperjunosMatch15.1r3
OR
juniperjunosMatch15.1r4
OR
juniperjunosMatch15.1r4-s7
OR
juniperjunosMatch15.1r4-s8
OR
juniperjunosMatch15.1r4-s9
OR
juniperjunosMatch15.1r5
OR
juniperjunosMatch15.1r5-s1
OR
juniperjunosMatch15.1r5-s3
OR
juniperjunosMatch15.1r5-s5
OR
juniperjunosMatch15.1r5-s6
OR
juniperjunosMatch15.1r6
OR
juniperjunosMatch15.1r6-s1
OR
juniperjunosMatch15.1r6-s2
OR
juniperjunosMatch15.1r6-s3
OR
juniperjunosMatch15.1r6-s4
OR
juniperjunosMatch15.1r6-s6
OR
juniperjunosMatch15.1r7
OR
juniperjunosMatch15.1r7-s1
OR
juniperjunosMatch15.1r7-s10
OR
juniperjunosMatch15.1r7-s11
OR
juniperjunosMatch15.1r7-s12
OR
juniperjunosMatch15.1r7-s2
OR
juniperjunosMatch15.1r7-s3
OR
juniperjunosMatch15.1r7-s4
OR
juniperjunosMatch15.1r7-s5
OR
juniperjunosMatch15.1r7-s6
OR
juniperjunosMatch15.1r7-s7
OR
juniperjunosMatch15.1r7-s8
OR
juniperjunosMatch15.1r7-s9
OR
juniperjunosMatch19.1-
OR
juniperjunosMatch19.1r1
OR
juniperjunosMatch19.1r1-s1
OR
juniperjunosMatch19.1r1-s2
OR
juniperjunosMatch19.1r1-s3
OR
juniperjunosMatch19.1r1-s4
OR
juniperjunosMatch19.1r1-s5
OR
juniperjunosMatch19.1r1-s6
OR
juniperjunosMatch19.1r2
OR
juniperjunosMatch19.1r2-s1
OR
juniperjunosMatch19.1r2-s2
OR
juniperjunosMatch19.1r2-s3
OR
juniperjunosMatch19.1r3
OR
juniperjunosMatch19.1r3-s1
OR
juniperjunosMatch19.1r3-s2
OR
juniperjunosMatch19.1r3-s3
OR
juniperjunosMatch19.1r3-s4
OR
juniperjunosMatch19.1r3-s5
OR
juniperjunosMatch19.1r3-s6
OR
juniperjunosMatch19.1r3-s7
OR
juniperjunosMatch19.1r3-s8
OR
juniperjunosMatch19.2-
OR
juniperjunosMatch19.2r1
OR
juniperjunosMatch19.2r1-s1
OR
juniperjunosMatch19.2r1-s2
OR
juniperjunosMatch19.2r1-s3
OR
juniperjunosMatch19.2r1-s4
OR
juniperjunosMatch19.2r1-s5
OR
juniperjunosMatch19.2r1-s6
OR
juniperjunosMatch19.2r1-s7
OR
juniperjunosMatch19.2r1-s8
OR
juniperjunosMatch19.2r1-s9
OR
juniperjunosMatch19.2r2
OR
juniperjunosMatch19.2r2-s1
OR
juniperjunosMatch19.2r3
OR
juniperjunosMatch19.2r3-s1
OR
juniperjunosMatch19.2r3-s2
OR
juniperjunosMatch19.2r3-s3
OR
juniperjunosMatch19.2r3-s4
OR
juniperjunosMatch19.2r3-s5
OR
juniperjunosMatch19.3-
OR
juniperjunosMatch19.3r1
OR
juniperjunosMatch19.3r1-s1
OR
juniperjunosMatch19.3r2
OR
juniperjunosMatch19.3r2-s1
OR
juniperjunosMatch19.3r2-s2
OR
juniperjunosMatch19.3r2-s3
OR
juniperjunosMatch19.3r2-s4
OR
juniperjunosMatch19.3r2-s5
OR
juniperjunosMatch19.3r2-s6
OR
juniperjunosMatch19.3r3
OR
juniperjunosMatch19.3r3-s1
OR
juniperjunosMatch19.3r3-s2
OR
juniperjunosMatch19.3r3-s3
OR
juniperjunosMatch19.3r3-s4
OR
juniperjunosMatch19.3r3-s5
OR
juniperjunosMatch19.4-
OR
juniperjunosMatch19.4r1
OR
juniperjunosMatch19.4r1-s1
OR
juniperjunosMatch19.4r1-s2
OR
juniperjunosMatch19.4r1-s3
OR
juniperjunosMatch19.4r1-s4
OR
juniperjunosMatch19.4r2
OR
juniperjunosMatch19.4r2-s1
OR
juniperjunosMatch19.4r2-s2
OR
juniperjunosMatch19.4r2-s3
OR
juniperjunosMatch19.4r2-s4
OR
juniperjunosMatch19.4r2-s5
OR
juniperjunosMatch19.4r2-s6
OR
juniperjunosMatch19.4r3
OR
juniperjunosMatch19.4r3-s1
OR
juniperjunosMatch19.4r3-s2
OR
juniperjunosMatch19.4r3-s3
OR
juniperjunosMatch19.4r3-s4
OR
juniperjunosMatch19.4r3-s5
OR
juniperjunosMatch19.4r3-s6
OR
juniperjunosMatch19.4r3-s7
OR
juniperjunosMatch20.1r1
OR
juniperjunosMatch20.1r1-s1
OR
juniperjunosMatch20.1r1-s2
OR
juniperjunosMatch20.1r1-s3
OR
juniperjunosMatch20.1r1-s4
OR
juniperjunosMatch20.1r2
OR
juniperjunosMatch20.1r2-s1
OR
juniperjunosMatch20.1r2-s2
OR
juniperjunosMatch20.1r3
OR
juniperjunosMatch20.1r3-s1
OR
juniperjunosMatch20.1r3-s2
OR
juniperjunosMatch20.1r3-s3
OR
juniperjunosMatch20.1r3-s4
OR
juniperjunosMatch20.2-
OR
juniperjunosMatch20.2r1
OR
juniperjunosMatch20.2r1-s1
OR
juniperjunosMatch20.2r1-s2
OR
juniperjunosMatch20.2r1-s3
OR
juniperjunosMatch20.2r2
OR
juniperjunosMatch20.2r2-s1
OR
juniperjunosMatch20.2r2-s2
OR
juniperjunosMatch20.2r2-s3
OR
juniperjunosMatch20.2r3
OR
juniperjunosMatch20.2r3-s1
OR
juniperjunosMatch20.2r3-s2
OR
juniperjunosMatch20.2r3-s3
OR
juniperjunosMatch20.2r3-s4
OR
juniperjunosMatch20.3-
OR
juniperjunosMatch20.3r1
OR
juniperjunosMatch20.3r1-s1
OR
juniperjunosMatch20.3r1-s2
OR
juniperjunosMatch20.3r2
OR
juniperjunosMatch20.3r2-s1
OR
juniperjunosMatch20.3r3
OR
juniperjunosMatch20.3r3-s1
OR
juniperjunosMatch20.3r3-s2
OR
juniperjunosMatch20.3r3-s3
OR
juniperjunosMatch20.3r3-s4
OR
juniperjunosMatch20.4-
OR
juniperjunosMatch20.4r1
OR
juniperjunosMatch20.4r1-s1
OR
juniperjunosMatch20.4r2
OR
juniperjunosMatch20.4r2-s1
OR
juniperjunosMatch20.4r2-s2
OR
juniperjunosMatch20.4r3
OR
juniperjunosMatch20.4r3-s1
OR
juniperjunosMatch21.1-
OR
juniperjunosMatch21.1r1
OR
juniperjunosMatch21.1r1-s1
OR
juniperjunosMatch21.1r2
OR
juniperjunosMatch21.1r2-s1
OR
juniperjunosMatch21.1r2-s2
OR
juniperjunosMatch21.2-
OR
juniperjunosMatch21.2r1
OR
juniperjunosMatch21.2r1-s1
OR
juniperjunosMatch21.2r1-s2
OR
juniperjunosMatch21.2r2
OR
juniperjunosMatch21.2r2-s1
OR
juniperjunosMatch21.2r2-s2
OR
juniperjunosMatch21.3-
OR
juniperjunosMatch21.3r1
OR
juniperjunosMatch21.3r1-s1
OR
juniperjunosMatch21.3r1-s2
AND
junipermx10Match-
OR
junipermx10000Match-
OR
junipermx10003Match-
OR
junipermx10008Match-
OR
junipermx10016Match-
OR
junipermx104Match-
OR
junipermx150Match-
OR
junipermx2008Match-
OR
junipermx2010Match-
OR
junipermx2020Match-
OR
junipermx204Match-
OR
junipermx240Match-
OR
junipermx40Match-
OR
junipermx480Match-
OR
junipermx5Match-
OR
junipermx80Match-
OR
junipermx960Match-

CNA Affected

[
  {
    "vendor": "Juniper Networks",
    "product": "Junos OS",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "15.1R7-S13",
        "status": "affected",
        "versionType": "custom"
      },
      {
        "version": "19.1",
        "status": "affected",
        "lessThan": "19.1R3-S9",
        "versionType": "custom"
      },
      {
        "version": "19.2",
        "status": "affected",
        "lessThan": "19.2R3-S6",
        "versionType": "custom"
      },
      {
        "version": "19.3",
        "status": "affected",
        "lessThan": "19.3R3-S6",
        "versionType": "custom"
      },
      {
        "version": "19.4",
        "status": "affected",
        "lessThan": "19.4R2-S7, 19.4R3-S8",
        "versionType": "custom"
      },
      {
        "version": "20.1R1",
        "status": "affected",
        "lessThan": "20.1*",
        "versionType": "custom"
      },
      {
        "version": "20.2",
        "status": "affected",
        "lessThan": "20.2R3-S5",
        "versionType": "custom"
      },
      {
        "version": "20.3",
        "status": "affected",
        "lessThan": "20.3R3-S5",
        "versionType": "custom"
      },
      {
        "version": "20.4",
        "status": "affected",
        "lessThan": "20.4R3-S2",
        "versionType": "custom"
      },
      {
        "version": "21.1",
        "status": "affected",
        "lessThan": "21.1R3",
        "versionType": "custom"
      },
      {
        "version": "21.2",
        "status": "affected",
        "lessThan": "21.2R3",
        "versionType": "custom"
      },
      {
        "version": "21.3",
        "status": "affected",
        "lessThan": "21.3R2",
        "versionType": "custom"
      }
    ],
    "platforms": [
      "MX Series"
    ]
  }
]

Social References

More

Related

prion 1
cvelist 1
nvd 1
nessus 1
prion
prion
Memory corruption
2022-10-18 03:15:00
cvelist
cvelist
CVE-2022-22249 Junos OS: MX Series: An FPC crash might be seen due to mac-moves within the same bridge domain
2022-10-12 00:00:00
nvd
nvd
CVE-2022-22249
2022-10-18 03:15:11
nessus
nessus
Juniper Junos OS Vulnerability (JSA69906)
2022-10-12 00:00:00

6.5 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

31.4%

JSON
Related for CVE-2022-22249
prion1cvelist1nvd1nessus1