CVE-2022-22197: Junos OS and Junos OS Evolved: An rpd core will be observed with proxy BGP route-target filtering enabled and certain route add and delete event happening

First published: Thu Apr 14 2022(Updated: )

An Operation on a Resource after Expiration or Release vulnerability in the Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated network-based attacker with an established BGP session to cause a Denial of Service (DoS). This issue occurs when proxy-generate route-target filtering is enabled, and certain proxy-route add and delete events are happening. This issue affects: Juniper Networks Junos OS All versions prior to 17.3R3-S11; 17.4 versions prior to 17.4R2-S13, 17.4R3-S4; 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R1-S8, 18.4R2-S8, 18.4R3-S6; 19.1 versions prior to 19.1R3-S4; 19.2 versions prior to 19.2R1-S6, 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S1; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3; 20.1 versions prior to 20.1R2; 20.2 versions prior to 20.2R2; 20.3 versions prior to 20.3R1-S2, 20.3R2. Juniper Networks Junos OS Evolved All versions prior to 20.1R3-EVO; 20.2 versions prior to 20.2R3-EVO; 20.3 versions prior to 20.3R2-EVO.

Credit: sirt@juniper.net

Affected Software	Affected Version	How to fix
Juniper Junos Os Evolved	<20.1
Juniper Junos Os Evolved	=20.1-r1
Juniper Junos Os Evolved	=20.1-r1-s1
Juniper Junos Os Evolved	=20.1-r2
Juniper Junos Os Evolved	=20.1-r2-s1
Juniper Junos Os Evolved	=20.1-r2-s2
Juniper Junos Os Evolved	=20.1-r2-s3
Juniper Junos Os Evolved	=20.1-r2-s4
Juniper Junos Os Evolved	=20.1-r2-s5
Juniper Junos Os Evolved	=20.2-r1
Juniper Junos Os Evolved	=20.2-r1-s1
Juniper Junos Os Evolved	=20.2-r2
Juniper Junos Os Evolved	=20.2-r2-s1
Juniper Junos Os Evolved	=20.3-r1
Juniper Junos Os Evolved	=20.3-r1-s1
Juniper Junos Os Evolved	=20.3-r1-s2
Juniper Junos Os Evolved	=20.3-r1-s3
Juniper JUNOS	<17.3
Juniper JUNOS	=17.3
Juniper JUNOS	=17.3-r1
Juniper JUNOS	=17.3-r1-s1
Juniper JUNOS	=17.3-r1-s4
Juniper JUNOS	=17.3-r2
Juniper JUNOS	=17.3-r2-s1
Juniper JUNOS	=17.3-r2-s2
Juniper JUNOS	=17.3-r2-s3
Juniper JUNOS	=17.3-r2-s4
Juniper JUNOS	=17.3-r2-s5
Juniper JUNOS	=17.3-r3
Juniper JUNOS	=17.3-r3
Juniper JUNOS	=17.3-r3-s1
Juniper JUNOS	=17.3-r3-s10
Juniper JUNOS	=17.3-r3-s2
Juniper JUNOS	=17.3-r3-s3
Juniper JUNOS	=17.3-r3-s4
Juniper JUNOS	=17.3-r3-s5
Juniper JUNOS	=17.3-r3-s6
Juniper JUNOS	=17.3-r3-s7
Juniper JUNOS	=17.3-r3-s8
Juniper JUNOS	=17.3-r3-s9
Juniper JUNOS	=17.4-r1
Juniper JUNOS	=17.4-r1-s1
Juniper JUNOS	=17.4-r1-s2
Juniper JUNOS	=17.4-r1-s3
Juniper JUNOS	=17.4-r1-s4
Juniper JUNOS	=17.4-r1-s5
Juniper JUNOS	=17.4-r1-s6
Juniper JUNOS	=17.4-r1-s7
Juniper JUNOS	=17.4-r2
Juniper JUNOS	=17.4-r2-s1
Juniper JUNOS	=17.4-r2-s10
Juniper JUNOS	=17.4-r2-s11
Juniper JUNOS	=17.4-r2-s12
Juniper JUNOS	=17.4-r2-s2
Juniper JUNOS	=17.4-r2-s3
Juniper JUNOS	=17.4-r2-s4
Juniper JUNOS	=17.4-r2-s5
Juniper JUNOS	=17.4-r2-s6
Juniper JUNOS	=17.4-r2-s7
Juniper JUNOS	=17.4-r2-s8
Juniper JUNOS	=17.4-r2-s9
Juniper JUNOS	=17.4-r3
Juniper JUNOS	=17.4-r3-s1
Juniper JUNOS	=17.4-r3-s2
Juniper JUNOS	=17.4-r3-s3
Juniper JUNOS	=18.3-r1
Juniper JUNOS	=18.3-r1-s1
Juniper JUNOS	=18.3-r1-s2
Juniper JUNOS	=18.3-r1-s3
Juniper JUNOS	=18.3-r1-s4
Juniper JUNOS	=18.3-r1-s5
Juniper JUNOS	=18.3-r1-s6
Juniper JUNOS	=18.3-r2
Juniper JUNOS	=18.3-r2-s1
Juniper JUNOS	=18.3-r2-s2
Juniper JUNOS	=18.3-r2-s3
Juniper JUNOS	=18.3-r2-s4
Juniper JUNOS	=18.3-r3
Juniper JUNOS	=18.3-r3-s1
Juniper JUNOS	=18.3-r3-s2
Juniper JUNOS	=18.3-r3-s3
Juniper JUNOS	=18.4-r1
Juniper JUNOS	=18.4-r1-s1
Juniper JUNOS	=18.4-r1-s2
Juniper JUNOS	=18.4-r1-s3
Juniper JUNOS	=18.4-r1-s4
Juniper JUNOS	=18.4-r1-s5
Juniper JUNOS	=18.4-r1-s6
Juniper JUNOS	=18.4-r1-s7
Juniper JUNOS	=18.4-r2
Juniper JUNOS	=18.4-r2-s1
Juniper JUNOS	=18.4-r2-s2
Juniper JUNOS	=18.4-r2-s3
Juniper JUNOS	=18.4-r2-s4
Juniper JUNOS	=18.4-r2-s5
Juniper JUNOS	=18.4-r2-s6
Juniper JUNOS	=18.4-r2-s7
Juniper JUNOS	=18.4-r3
Juniper JUNOS	=18.4-r3-s1
Juniper JUNOS	=18.4-r3-s2
Juniper JUNOS	=18.4-r3-s3
Juniper JUNOS	=18.4-r3-s4
Juniper JUNOS	=18.4-r3-s5
Juniper JUNOS	=19.1-r1
Juniper JUNOS	=19.1-r1-s1
Juniper JUNOS	=19.1-r1-s2
Juniper JUNOS	=19.1-r1-s3
Juniper JUNOS	=19.1-r1-s4
Juniper JUNOS	=19.1-r1-s5
Juniper JUNOS	=19.1-r1-s6
Juniper JUNOS	=19.1-r2
Juniper JUNOS	=19.1-r2-s1
Juniper JUNOS	=19.1-r2-s2
Juniper JUNOS	=19.1-r2-s3
Juniper JUNOS	=19.1-r3
Juniper JUNOS	=19.1-r3-s1
Juniper JUNOS	=19.1-r3-s2
Juniper JUNOS	=19.1-r3-s3
Juniper JUNOS	=19.2-r1
Juniper JUNOS	=19.2-r1-s1
Juniper JUNOS	=19.2-r1-s2
Juniper JUNOS	=19.2-r1-s3
Juniper JUNOS	=19.2-r1-s4
Juniper JUNOS	=19.2-r1-s5
Juniper JUNOS	=19.2-r2
Juniper JUNOS	=19.2-r2-s1
Juniper JUNOS	=19.2-r3
Juniper JUNOS	=19.2-r3-s1
Juniper JUNOS	=19.3-r1
Juniper JUNOS	=19.3-r1-s1
Juniper JUNOS	=19.3-r2
Juniper JUNOS	=19.3-r2-s1
Juniper JUNOS	=19.3-r2-s2
Juniper JUNOS	=19.3-r2-s3
Juniper JUNOS	=19.3-r2-s4
Juniper JUNOS	=19.3-r2-s5
Juniper JUNOS	=19.3-r3
Juniper JUNOS	=19.4-r1
Juniper JUNOS	=19.4-r1-s1
Juniper JUNOS	=19.4-r1-s2
Juniper JUNOS	=19.4-r1-s3
Juniper JUNOS	=19.4-r2
Juniper JUNOS	=19.4-r2-s1
Juniper JUNOS	=19.4-r2-s2
Juniper JUNOS	=19.4-r2-s3
Juniper JUNOS	=20.1-r1
Juniper JUNOS	=20.1-r1-s1
Juniper JUNOS	=20.1-r1-s2
Juniper JUNOS	=20.1-r1-s3
Juniper JUNOS	=20.1-r1-s4
Juniper JUNOS	=20.2-r1
Juniper JUNOS	=20.2-r1-s1
Juniper JUNOS	=20.2-r1-s2
Juniper JUNOS	=20.2-r1-s3
Juniper JUNOS	=20.3-r1
Juniper JUNOS	=20.3-r1-s1

Remedy

The following software releases have been updated to resolve this specific issue: Junos OS: 17.3R3-S11, 17.4R2-S13, 17.4R3-S4, 18.3R3-S4, 18.4R1-S8, 18.4R2-S8, 18.4R3-S6, 19.1R3-S4, 19.2R1-S6, 19.2R3-S2, 19.3R2-S6, 19.3R3-S1, 19.4R1-S4, 19.4R2-S4, 19.4R3, 20.1R2, 20.2R2, 20.3R1-S2, 20.3R2, 20.4R1, and all subsequent releases; Junos OS Evolved: 20.1R3-EVO, 20.2R3-EVO, 20.3R2-EVO, 20.4R1-EVO, and all subsequent releases.

Never miss a vulnerability like this again

Reference Links

https://kb.juniper.net/JSA69511

collector/nvd-index
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/remedy
agent/severity
agent/author
agent/weakness
agent/title
agent/last-modified-date
agent/references
agent/tags
agent/description
agent/first-publish-date
agent/event
vendor/juniper
canonical/juniper junos os evolved
version/juniper junos os evolved/20.1-r1
version/juniper junos os evolved/20.1-r1-s1
version/juniper junos os evolved/20.1-r2
version/juniper junos os evolved/20.1-r2-s1
version/juniper junos os evolved/20.1-r2-s2
version/juniper junos os evolved/20.1-r2-s3
version/juniper junos os evolved/20.1-r2-s4
version/juniper junos os evolved/20.1-r2-s5
version/juniper junos os evolved/20.2-r1
version/juniper junos os evolved/20.2-r1-s1
version/juniper junos os evolved/20.2-r2
version/juniper junos os evolved/20.2-r2-s1
version/juniper junos os evolved/20.3-r1
version/juniper junos os evolved/20.3-r1-s1
version/juniper junos os evolved/20.3-r1-s2
version/juniper junos os evolved/20.3-r1-s3
canonical/juniper junos
version/juniper junos/17.3
version/juniper junos/17.3-r1
version/juniper junos/17.3-r1-s1
version/juniper junos/17.3-r1-s4
version/juniper junos/17.3-r2
version/juniper junos/17.3-r2-s1
version/juniper junos/17.3-r2-s2
version/juniper junos/17.3-r2-s3
version/juniper junos/17.3-r2-s4
version/juniper junos/17.3-r2-s5
version/juniper junos/17.3-r3
version/juniper junos/17.3-r3-s1
version/juniper junos/17.3-r3-s10
version/juniper junos/17.3-r3-s2
version/juniper junos/17.3-r3-s3
version/juniper junos/17.3-r3-s4
version/juniper junos/17.3-r3-s5
version/juniper junos/17.3-r3-s6
version/juniper junos/17.3-r3-s7
version/juniper junos/17.3-r3-s8
version/juniper junos/17.3-r3-s9
version/juniper junos/17.4-r1
version/juniper junos/17.4-r1-s1
version/juniper junos/17.4-r1-s2
version/juniper junos/17.4-r1-s3
version/juniper junos/17.4-r1-s4
version/juniper junos/17.4-r1-s5
version/juniper junos/17.4-r1-s6
version/juniper junos/17.4-r1-s7
version/juniper junos/17.4-r2
version/juniper junos/17.4-r2-s1
version/juniper junos/17.4-r2-s10
version/juniper junos/17.4-r2-s11
version/juniper junos/17.4-r2-s12
version/juniper junos/17.4-r2-s2
version/juniper junos/17.4-r2-s3
version/juniper junos/17.4-r2-s4
version/juniper junos/17.4-r2-s5
version/juniper junos/17.4-r2-s6
version/juniper junos/17.4-r2-s7
version/juniper junos/17.4-r2-s8
version/juniper junos/17.4-r2-s9
version/juniper junos/17.4-r3
version/juniper junos/17.4-r3-s1
version/juniper junos/17.4-r3-s2
version/juniper junos/17.4-r3-s3
version/juniper junos/18.3-r1
version/juniper junos/18.3-r1-s1
version/juniper junos/18.3-r1-s2
version/juniper junos/18.3-r1-s3
version/juniper junos/18.3-r1-s4
version/juniper junos/18.3-r1-s5
version/juniper junos/18.3-r1-s6
version/juniper junos/18.3-r2
version/juniper junos/18.3-r2-s1
version/juniper junos/18.3-r2-s2
version/juniper junos/18.3-r2-s3
version/juniper junos/18.3-r2-s4
version/juniper junos/18.3-r3
version/juniper junos/18.3-r3-s1
version/juniper junos/18.3-r3-s2
version/juniper junos/18.3-r3-s3
version/juniper junos/18.4-r1
version/juniper junos/18.4-r1-s1
version/juniper junos/18.4-r1-s2
version/juniper junos/18.4-r1-s3
version/juniper junos/18.4-r1-s4
version/juniper junos/18.4-r1-s5
version/juniper junos/18.4-r1-s6
version/juniper junos/18.4-r1-s7
version/juniper junos/18.4-r2
version/juniper junos/18.4-r2-s1
version/juniper junos/18.4-r2-s2
version/juniper junos/18.4-r2-s3
version/juniper junos/18.4-r2-s4
version/juniper junos/18.4-r2-s5
version/juniper junos/18.4-r2-s6
version/juniper junos/18.4-r2-s7
version/juniper junos/18.4-r3
version/juniper junos/18.4-r3-s1
version/juniper junos/18.4-r3-s2
version/juniper junos/18.4-r3-s3
version/juniper junos/18.4-r3-s4
version/juniper junos/18.4-r3-s5
version/juniper junos/19.1-r1
version/juniper junos/19.1-r1-s1
version/juniper junos/19.1-r1-s2
version/juniper junos/19.1-r1-s3
version/juniper junos/19.1-r1-s4
version/juniper junos/19.1-r1-s5
version/juniper junos/19.1-r1-s6
version/juniper junos/19.1-r2
version/juniper junos/19.1-r2-s1
version/juniper junos/19.1-r2-s2
version/juniper junos/19.1-r2-s3
version/juniper junos/19.1-r3
version/juniper junos/19.1-r3-s1
version/juniper junos/19.1-r3-s2
version/juniper junos/19.1-r3-s3
version/juniper junos/19.2-r1
version/juniper junos/19.2-r1-s1
version/juniper junos/19.2-r1-s2
version/juniper junos/19.2-r1-s3
version/juniper junos/19.2-r1-s4
version/juniper junos/19.2-r1-s5
version/juniper junos/19.2-r2
version/juniper junos/19.2-r2-s1
version/juniper junos/19.2-r3
version/juniper junos/19.2-r3-s1
version/juniper junos/19.3-r1
version/juniper junos/19.3-r1-s1
version/juniper junos/19.3-r2
version/juniper junos/19.3-r2-s1
version/juniper junos/19.3-r2-s2
version/juniper junos/19.3-r2-s3
version/juniper junos/19.3-r2-s4
version/juniper junos/19.3-r2-s5
version/juniper junos/19.3-r3
version/juniper junos/19.4-r1
version/juniper junos/19.4-r1-s1
version/juniper junos/19.4-r1-s2
version/juniper junos/19.4-r1-s3
version/juniper junos/19.4-r2
version/juniper junos/19.4-r2-s1
version/juniper junos/19.4-r2-s2
version/juniper junos/19.4-r2-s3
version/juniper junos/20.1-r1
version/juniper junos/20.1-r1-s1
version/juniper junos/20.1-r1-s2
version/juniper junos/20.1-r1-s3
version/juniper junos/20.1-r1-s4
version/juniper junos/20.2-r1
version/juniper junos/20.2-r1-s1
version/juniper junos/20.2-r1-s2
version/juniper junos/20.2-r1-s3
version/juniper junos/20.3-r1
version/juniper junos/20.3-r1-s1

CVE-2022-22197: Junos OS and Junos OS Evolved: An rpd core will be observed with proxy BGP route-target filtering enabled and certain route add and delete event happening

Remedy

Never miss a vulnerability like this again

Reference Links

Company

Resources

Contact