Details of VAR-202201-0630

ID

VAR-202201-0630

CVE

CVE-2022-22159

TITLE

Juniper Networks Junos OS Kernel resource exhaustion vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2022-004146

DESCRIPTION

A vulnerability in the NETISR network queue functionality of Juniper Networks Junos OS kernel allows an attacker to cause a Denial of Service (DoS) by sending crafted genuine packets to a device. During an attack, the routing protocol daemon (rpd) CPU may reach 100% utilization, yet FPC CPUs forwarding traffic will operate normally. This attack occurs when the attackers' packets are sent over an IPv4 unicast routing equal-cost multi-path (ECMP) unilist selection. Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. An indicator of compromise may be to monitor NETISR drops in the network with the assistance of JTAC. Please contact JTAC for technical support for further guidance. This issue affects: Juniper Networks Junos OS 17.3 version 17.3R3-S9 and later versions prior to 17.3R3-S12; 17.4 version 17.4R3-S3 and later versions prior to 17.4R3-S5; 18.1 version 18.1R3-S11 and later versions prior to 18.1R3-S13; 18.2 version 18.2R3-S6 and later versions; 18.3 version 18.3R3-S4 and later versions prior to 18.3R3-S5; 18.4 version 18.4R3-S5 and later versions prior to 18.4R3-S9; 19.1 version 19.1R3-S3 and later versions prior to 19.1R3-S7. This issue does not affect Juniper Networks Junos OS versions prior to 17.3R3-S9. This issue does not affect Juniper Networks Junos OS Evolved. Juniper Networks Junos OS The kernel contains a resource exhaustion vulnerability.Service operation interruption (DoS) It may be in a state

Trust: 1.8

sources: NVD: CVE-2022-22159 // JVNDB: JVNDB-2022-004146 // VULHUB: VHN-409688 // VULMON: CVE-2022-22159

AFFECTED PRODUCTS

vendor:	juniper	model:	junos	scope:	eq	version:	17.3	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	18.1	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	17.4	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	18.2	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	18.4	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	19.1	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	18.3	Trust: 1.0
vendor:	ジュニパーネットワークス	model:	junos os	scope:	eq	version:	-	Trust: 0.8
vendor:	ジュニパーネットワークス	model:	junos os	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2022-004146 // NVD: CVE-2022-22159

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-22159
value:	HIGH
Trust: 1.0
sirt@juniper.net:	CVE-2022-22159
value:	HIGH
Trust: 1.0
NVD:	CVE-2022-22159
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202201-919
value:	HIGH
Trust: 0.6
VULHUB:	VHN-409688
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2022-22159
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2022-22159
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-409688
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2022-22159
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 2.0
OTHER:	JVNDB-2022-004146
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-409688 // VULMON: CVE-2022-22159 // JVNDB: JVNDB-2022-004146 // CNNVD: CNNVD-202201-919 // NVD: CVE-2022-22159 // NVD: CVE-2022-22159

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	Resource exhaustion (CWE-400) [NVD evaluation ]	Trust: 0.8
problemtype:	CWE-400	Trust: 0.1

sources: VULHUB: VHN-409688 // JVNDB: JVNDB-2022-004146 // NVD: CVE-2022-22159

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202201-919

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-202201-919

PATCH

title:	JSA11267	url:	https://supportportal.juniper.net/s/article/2022-01-Security-Bulletin-Junos-OS-An-attacker-sending-crafted-packets-can-cause-a-traffic-and-CPU-Denial-of-Service-DoS-CVE-2022-22159?language=en_US	Trust: 0.8
title:	Juniper Networks Junos OS Remediation of resource management error vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=183780	Trust: 0.6
title:	CVE-2022-XXXX	url:	https://github.com/AlphabugX/CVE-2022-23305	Trust: 0.1
title:	CVE-2022-XXXX	url:	https://github.com/AlphabugX/CVE-2022-RCE	Trust: 0.1

sources: VULMON: CVE-2022-22159 // JVNDB: JVNDB-2022-004146 // CNNVD: CNNVD-202201-919

EXTERNAL IDS

db:	NVD	id:	CVE-2022-22159	Trust: 3.4
db:	JUNIPER	id:	JSA11267	Trust: 1.8
db:	JVNDB	id:	JVNDB-2022-004146	Trust: 0.8
db:	CS-HELP	id:	SB2022011322	Trust: 0.6
db:	CNNVD	id:	CNNVD-202201-919	Trust: 0.6
db:	VULHUB	id:	VHN-409688	Trust: 0.1
db:	VULMON	id:	CVE-2022-22159	Trust: 0.1

sources: VULHUB: VHN-409688 // VULMON: CVE-2022-22159 // JVNDB: JVNDB-2022-004146 // CNNVD: CNNVD-202201-919 // NVD: CVE-2022-22159

REFERENCES

url:	https://kb.juniper.net/jsa11267	Trust: 1.8
url:	https://nvd.nist.gov/vuln/detail/cve-2022-22159	Trust: 1.4
url:	https://vigilance.fr/vulnerability/junos-os-multiple-vulnerabilities-37234	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2022011322	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://github.com/alphabugx/cve-2022-23305	Trust: 0.1

sources: VULHUB: VHN-409688 // VULMON: CVE-2022-22159 // JVNDB: JVNDB-2022-004146 // CNNVD: CNNVD-202201-919 // NVD: CVE-2022-22159

SOURCES

db:	VULHUB	id:	VHN-409688
db:	VULMON	id:	CVE-2022-22159
db:	JVNDB	id:	JVNDB-2022-004146
db:	CNNVD	id:	CNNVD-202201-919
db:	NVD	id:	CVE-2022-22159

LAST UPDATE DATE

2024-08-14T14:44:06.808000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-409688	date:	2022-01-31T00:00:00
db:	VULMON	id:	CVE-2022-22159	date:	2023-08-08T00:00:00
db:	JVNDB	id:	JVNDB-2022-004146	date:	2023-03-23T05:26:00
db:	CNNVD	id:	CNNVD-202201-919	date:	2022-02-28T00:00:00
db:	NVD	id:	CVE-2022-22159	date:	2023-08-08T14:22:24.967

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-409688	date:	2022-01-19T00:00:00
db:	VULMON	id:	CVE-2022-22159	date:	2022-01-19T00:00:00
db:	JVNDB	id:	JVNDB-2022-004146	date:	2023-03-23T00:00:00
db:	CNNVD	id:	CNNVD-202201-919	date:	2022-01-12T00:00:00
db:	NVD	id:	CVE-2022-22159	date:	2022-01-19T01:15:08.507