ID

VAR-202201-0630


CVE

CVE-2022-22159


TITLE

Juniper Networks Junos OS  Kernel resource exhaustion vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2022-004146

DESCRIPTION

A vulnerability in the NETISR network queue functionality of Juniper Networks Junos OS kernel allows an attacker to cause a Denial of Service (DoS) by sending crafted genuine packets to a device. During an attack, the routing protocol daemon (rpd) CPU may reach 100% utilization, yet FPC CPUs forwarding traffic will operate normally. This attack occurs when the attackers' packets are sent over an IPv4 unicast routing equal-cost multi-path (ECMP) unilist selection. Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. An indicator of compromise may be to monitor NETISR drops in the network with the assistance of JTAC. Please contact JTAC for technical support for further guidance. This issue affects: Juniper Networks Junos OS 17.3 version 17.3R3-S9 and later versions prior to 17.3R3-S12; 17.4 version 17.4R3-S3 and later versions prior to 17.4R3-S5; 18.1 version 18.1R3-S11 and later versions prior to 18.1R3-S13; 18.2 version 18.2R3-S6 and later versions; 18.3 version 18.3R3-S4 and later versions prior to 18.3R3-S5; 18.4 version 18.4R3-S5 and later versions prior to 18.4R3-S9; 19.1 version 19.1R3-S3 and later versions prior to 19.1R3-S7. This issue does not affect Juniper Networks Junos OS versions prior to 17.3R3-S9. This issue does not affect Juniper Networks Junos OS Evolved. Juniper Networks Junos OS The kernel contains a resource exhaustion vulnerability.Service operation interruption (DoS) It may be in a state

Trust: 1.8

sources: NVD: CVE-2022-22159 // JVNDB: JVNDB-2022-004146 // VULHUB: VHN-409688 // VULMON: CVE-2022-22159

AFFECTED PRODUCTS

vendor:junipermodel:junosscope:eqversion:17.3

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:18.1

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:17.4

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:18.2

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:18.4

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:19.1

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:18.3

Trust: 1.0

vendor:ジュニパーネットワークスmodel:junos osscope:eqversion: -

Trust: 0.8

vendor:ジュニパーネットワークスmodel:junos osscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-004146 // NVD: CVE-2022-22159

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-22159
value: HIGH

Trust: 1.0

sirt@juniper.net: CVE-2022-22159
value: HIGH

Trust: 1.0

NVD: CVE-2022-22159
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202201-919
value: HIGH

Trust: 0.6

VULHUB: VHN-409688
value: MEDIUM

Trust: 0.1

VULMON: CVE-2022-22159
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2022-22159
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-409688
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2022-22159
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 2.0

OTHER: JVNDB-2022-004146
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-409688 // VULMON: CVE-2022-22159 // JVNDB: JVNDB-2022-004146 // CNNVD: CNNVD-202201-919 // NVD: CVE-2022-22159 // NVD: CVE-2022-22159

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:Resource exhaustion (CWE-400) [NVD evaluation ]

Trust: 0.8

problemtype:CWE-400

Trust: 0.1

sources: VULHUB: VHN-409688 // JVNDB: JVNDB-2022-004146 // NVD: CVE-2022-22159

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202201-919

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-202201-919

PATCH

title:JSA11267url:https://supportportal.juniper.net/s/article/2022-01-Security-Bulletin-Junos-OS-An-attacker-sending-crafted-packets-can-cause-a-traffic-and-CPU-Denial-of-Service-DoS-CVE-2022-22159?language=en_US

Trust: 0.8

title:Juniper Networks Junos OS Remediation of resource management error vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=183780

Trust: 0.6

title:CVE-2022-XXXXurl:https://github.com/AlphabugX/CVE-2022-23305

Trust: 0.1

title:CVE-2022-XXXXurl:https://github.com/AlphabugX/CVE-2022-RCE

Trust: 0.1

sources: VULMON: CVE-2022-22159 // JVNDB: JVNDB-2022-004146 // CNNVD: CNNVD-202201-919

EXTERNAL IDS

db:NVDid:CVE-2022-22159

Trust: 3.4

db:JUNIPERid:JSA11267

Trust: 1.8

db:JVNDBid:JVNDB-2022-004146

Trust: 0.8

db:CS-HELPid:SB2022011322

Trust: 0.6

db:CNNVDid:CNNVD-202201-919

Trust: 0.6

db:VULHUBid:VHN-409688

Trust: 0.1

db:VULMONid:CVE-2022-22159

Trust: 0.1

sources: VULHUB: VHN-409688 // VULMON: CVE-2022-22159 // JVNDB: JVNDB-2022-004146 // CNNVD: CNNVD-202201-919 // NVD: CVE-2022-22159

REFERENCES

url:https://kb.juniper.net/jsa11267

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2022-22159

Trust: 1.4

url:https://vigilance.fr/vulnerability/junos-os-multiple-vulnerabilities-37234

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022011322

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://github.com/alphabugx/cve-2022-23305

Trust: 0.1

sources: VULHUB: VHN-409688 // VULMON: CVE-2022-22159 // JVNDB: JVNDB-2022-004146 // CNNVD: CNNVD-202201-919 // NVD: CVE-2022-22159

SOURCES

db:VULHUBid:VHN-409688
db:VULMONid:CVE-2022-22159
db:JVNDBid:JVNDB-2022-004146
db:CNNVDid:CNNVD-202201-919
db:NVDid:CVE-2022-22159

LAST UPDATE DATE

2024-08-14T14:44:06.808000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-409688date:2022-01-31T00:00:00
db:VULMONid:CVE-2022-22159date:2023-08-08T00:00:00
db:JVNDBid:JVNDB-2022-004146date:2023-03-23T05:26:00
db:CNNVDid:CNNVD-202201-919date:2022-02-28T00:00:00
db:NVDid:CVE-2022-22159date:2023-08-08T14:22:24.967

SOURCES RELEASE DATE

db:VULHUBid:VHN-409688date:2022-01-19T00:00:00
db:VULMONid:CVE-2022-22159date:2022-01-19T00:00:00
db:JVNDBid:JVNDB-2022-004146date:2023-03-23T00:00:00
db:CNNVDid:CNNVD-202201-919date:2022-01-12T00:00:00
db:NVDid:CVE-2022-22159date:2022-01-19T01:15:08.507