CVE-2022-22188: Junos OS: QFX5100/QFX5110/QFX5120/QFX5200/QFX5210/EX4600/EX4650 Series: When storm control profiling is enabled and a device is under an active storm, a Heap-based Buffer Overflow in the PFE will cause a device to hang.
First published: Wed Apr 13 2022(Updated: )
An Uncontrolled Memory Allocation vulnerability leading to a Heap-based Buffer Overflow in the packet forwarding engine (PFE) of Juniper Networks Junos OS allows a network-based unauthenticated attacker to flood the device with traffic leading to a Denial of Service (DoS). The device must be configured with storm control profiling limiting the number of unknown broadcast, multicast, or unicast traffic to be vulnerable to this issue. This issue affects: Juniper Networks Junos OS on QFX5100/QFX5110/QFX5120/QFX5200/QFX5210/EX4600/EX4650 Series; 20.2 version 20.2R1 and later versions prior to 20.2R2. This issue does not affect: Juniper Networks Junos OS versions prior to 20.2R1.
Credit: sirt@juniper.net
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Juniper JUNOS | =20.2-r1 | |
| Juniper JUNOS | =20.2-r1-s1 | |
| Juniper JUNOS | =20.2-r1-s2 | |
| Juniper JUNOS | =20.2-r1-s3 | |
| Juniper EX4600 | ||
| Juniper Ex4650 | ||
| Juniper Qfx5100 | ||
| Juniper Qfx5110 | ||
| Juniper Qfx5120 | ||
| Juniper Qfx5200 | ||
| Juniper Qfx5210 |
Remedy
The following software releases have been updated to resolve this specific issue: 20.2R2, 20.3R1, and all subsequent releases.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2022-22188?
CVE-2022-22188 is an Uncontrolled Memory Allocation vulnerability leading to a Heap-based Buffer Overflow in the packet forwarding engine (PFE) of Juniper Networks Junos OS.
How does CVE-2022-22188 affect Juniper Junos OS?
CVE-2022-22188 allows a network-based unauthenticated attacker to flood the device with traffic leading to a Denial of Service (DoS) on Juniper Junos OS.
How severe is CVE-2022-22188?
CVE-2022-22188 has a severity rating of 7.5 (High).
How can I fix CVE-2022-22188?
To fix CVE-2022-22188, update Juniper Junos OS to the latest version provided by Juniper Networks.
Where can I find more information about CVE-2022-22188?
More information about CVE-2022-22188 can be found in the Juniper Networks security advisory at this link: https://kb.juniper.net/JSA69497
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/severity
- agent/author
- agent/weakness
- agent/title
- agent/last-modified-date
- agent/references
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- vendor/juniper
- canonical/juniper junos
- version/juniper junos/20.2-r1
- version/juniper junos/20.2-r1-s1
- version/juniper junos/20.2-r1-s2
- version/juniper junos/20.2-r1-s3
- canonical/juniper ex4600
- canonical/juniper ex4650
- canonical/juniper qfx5100
- canonical/juniper qfx5110
- canonical/juniper qfx5120
- canonical/juniper qfx5200
- canonical/juniper qfx5210