ID

VAR-202201-1560


CVE

CVE-2022-22157


TITLE

Juniper Networks Junos OS  Fraud related to unauthorized authentication in

Trust: 0.8

sources: JVNDB: JVNDB-2022-004214

DESCRIPTION

A traffic classification vulnerability in Juniper Networks Junos OS on the SRX Series Services Gateways may allow an attacker to bypass Juniper Deep Packet Inspection (JDPI) rules and access unauthorized networks or resources, when 'no-syn-check' is enabled on the device. JDPI incorrectly classifies out-of-state asymmetric TCP flows as the dynamic-application INCONCLUSIVE instead of UNKNOWN, which is more permissive, causing the firewall to allow traffic to be forwarded that should have been denied. This issue only occurs when 'set security flow tcp-session no-syn-check' is configured on the device. This issue affects Juniper Networks Junos OS on SRX Series: 18.4 versions prior to 18.4R2-S9, 18.4R3-S9; 19.1 versions prior to 19.1R2-S3, 19.1R3-S6; 19.2 versions prior to 19.2R1-S7, 19.2R3-S3; 19.3 versions prior to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R2-S5, 19.4R3-S3; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R3-S1; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R2-S1, 20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2. This issue does not affect Juniper Networks Junos OS versions prior to 18.4R1

Trust: 1.8

sources: NVD: CVE-2022-22157 // JVNDB: JVNDB-2022-004214 // VULHUB: VHN-409686 // VULMON: CVE-2022-22157

AFFECTED PRODUCTS

vendor:junipermodel:junosscope:eqversion:21.1

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:20.3

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:20.4

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:19.4

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:19.1

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:18.4

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:21.2

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:20.1

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:20.2

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:19.3

Trust: 1.0

vendor:junipermodel:junosscope:eqversion:19.2

Trust: 1.0

vendor:ジュニパーネットワークスmodel:junos osscope: - version: -

Trust: 0.8

vendor:ジュニパーネットワークスmodel:junos osscope:eqversion: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-004214 // NVD: CVE-2022-22157

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-22157
value: CRITICAL

Trust: 1.0

sirt@juniper.net: CVE-2022-22157
value: HIGH

Trust: 1.0

NVD: CVE-2022-22157
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-202201-920
value: CRITICAL

Trust: 0.6

VULHUB: VHN-409686
value: MEDIUM

Trust: 0.1

VULMON: CVE-2022-22157
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2022-22157
severity: MEDIUM
baseScore: 5.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-409686
severity: MEDIUM
baseScore: 5.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2022-22157
baseSeverity: CRITICAL
baseScore: 9.3
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: HIGH
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 4.7
version: 3.1

Trust: 1.0

sirt@juniper.net: CVE-2022-22157
baseSeverity: HIGH
baseScore: 7.2
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.7
version: 3.1

Trust: 1.0

NVD: CVE-2022-22157
baseSeverity: CRITICAL
baseScore: 9.3
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: CHANGED
confidentialityImpact: HIGH
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-409686 // VULMON: CVE-2022-22157 // JVNDB: JVNDB-2022-004214 // CNNVD: CNNVD-202201-920 // NVD: CVE-2022-22157 // NVD: CVE-2022-22157

PROBLEMTYPE DATA

problemtype:CWE-863

Trust: 1.1

problemtype:Illegal authentication (CWE-863) [NVD evaluation ]

Trust: 0.8

sources: VULHUB: VHN-409686 // JVNDB: JVNDB-2022-004214 // NVD: CVE-2022-22157

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202201-920

TYPE

security feature problem

Trust: 0.6

sources: CNNVD: CNNVD-202201-920

PATCH

title:JSA11265url:https://supportportal.juniper.net/s/article/2022-01-Security-Bulletin-Junos-OS-SRX-Series-Multiple-vulnerabilities-in-traffic-classification-when-no-syn-check-is-enabled-CVE-2022-22157-CVE-2022-22167?language=en_US

Trust: 0.8

title:Juniper Networks Junos OS Fixing measures for security feature vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=183781

Trust: 0.6

title:CVE-2022-XXXXurl:https://github.com/AlphabugX/CVE-2022-23305

Trust: 0.1

title:CVE-2022-XXXXurl:https://github.com/AlphabugX/CVE-2022-RCE

Trust: 0.1

sources: VULMON: CVE-2022-22157 // JVNDB: JVNDB-2022-004214 // CNNVD: CNNVD-202201-920

EXTERNAL IDS

db:NVDid:CVE-2022-22157

Trust: 3.4

db:JUNIPERid:JSA11265

Trust: 1.8

db:JVNDBid:JVNDB-2022-004214

Trust: 0.8

db:CS-HELPid:SB2022011701

Trust: 0.6

db:CNNVDid:CNNVD-202201-920

Trust: 0.6

db:VULHUBid:VHN-409686

Trust: 0.1

db:VULMONid:CVE-2022-22157

Trust: 0.1

sources: VULHUB: VHN-409686 // VULMON: CVE-2022-22157 // JVNDB: JVNDB-2022-004214 // CNNVD: CNNVD-202201-920 // NVD: CVE-2022-22157

REFERENCES

url:https://kb.juniper.net/jsa11265

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2022-22157

Trust: 1.4

url:https://www.cybersecurity-help.cz/vdb/sb2022011701

Trust: 0.6

url:https://vigilance.fr/vulnerability/junos-os-multiple-vulnerabilities-37234

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/863.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://github.com/alphabugx/cve-2022-23305

Trust: 0.1

sources: VULHUB: VHN-409686 // VULMON: CVE-2022-22157 // JVNDB: JVNDB-2022-004214 // CNNVD: CNNVD-202201-920 // NVD: CVE-2022-22157

SOURCES

db:VULHUBid:VHN-409686
db:VULMONid:CVE-2022-22157
db:JVNDBid:JVNDB-2022-004214
db:CNNVDid:CNNVD-202201-920
db:NVDid:CVE-2022-22157

LAST UPDATE DATE

2024-11-23T23:00:58.729000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-409686date:2022-01-28T00:00:00
db:VULMONid:CVE-2022-22157date:2022-01-28T00:00:00
db:JVNDBid:JVNDB-2022-004214date:2023-03-31T05:46:00
db:CNNVDid:CNNVD-202201-920date:2022-02-28T00:00:00
db:NVDid:CVE-2022-22157date:2024-11-21T06:46:16.703

SOURCES RELEASE DATE

db:VULHUBid:VHN-409686date:2022-01-19T00:00:00
db:VULMONid:CVE-2022-22157date:2022-01-19T00:00:00
db:JVNDBid:JVNDB-2022-004214date:2023-03-31T00:00:00
db:CNNVDid:CNNVD-202201-920date:2022-01-12T00:00:00
db:NVDid:CVE-2022-22157date:2022-01-19T01:15:08.450