CVE-2022-22203: Junos OS: EX4600 Series and QFX5000 Series: Receipt of specific traffic will lead to an fxpc process crash followed by an FPC reboot
First published: Wed Jul 20 2022(Updated: )
An Incorrect Comparison vulnerability in PFE of Juniper Networks Junos OS allows an adjacent unauthenticated attacker to cause a Denial of Service (DoS). On QFX5000 Series, and EX4600 and EX4650 platforms, the fxpc process will crash followed by the FPC reboot upon receipt of a specific hostbound packet. Continued receipt of these specific packets will create a sustained Denial of Service (DoS) condition. This issue only affects Juniper Networks Junos OS 19.4 version 19.4R3-S4.
Credit: sirt@juniper.net
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Juniper JUNOS | =19.4-r3-s4 | |
| Juniper EX4600 | ||
| Juniper Ex4650 | ||
| Juniper Qfx5100 | ||
| Juniper Qfx5110 | ||
| Juniper Qfx5120 | ||
| Juniper Qfx5130 | ||
| Juniper Qfx5200 | ||
| Juniper Qfx5210 | ||
| Juniper Qfx5220 | ||
| Juniper Qfx5700 |
Remedy
The following software releases have been updated to resolve this specific issue: 19.4R3-S5, and all subsequent releases.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2022-22203?
CVE-2022-22203 is an Incorrect Comparison vulnerability in PFE of Juniper Networks Junos OS that allows an adjacent unauthenticated attacker to cause a Denial of Service (DoS).
Which software is affected by CVE-2022-22203?
Juniper JUNOS version 19.4-r3-s4 is affected by CVE-2022-22203.
What is the severity of CVE-2022-22203?
CVE-2022-22203 has a severity level of medium.
How can I fix CVE-2022-22203?
To fix CVE-2022-22203, it is recommended to apply the necessary updates or patches provided by Juniper Networks.
Where can I find more information about CVE-2022-22203?
You can find more information about CVE-2022-22203 on the Juniper Networks knowledge base at https://kb.juniper.net/JSA69707.
- collector/nvd-index
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/severity
- agent/author
- agent/weakness
- agent/title
- agent/last-modified-date
- agent/references
- agent/softwarecombine
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- vendor/juniper
- canonical/juniper junos
- version/juniper junos/19.4-r3-s4
- canonical/juniper ex4600
- canonical/juniper ex4650
- canonical/juniper qfx5100
- canonical/juniper qfx5110
- canonical/juniper qfx5120
- canonical/juniper qfx5130
- canonical/juniper qfx5200
- canonical/juniper qfx5210
- canonical/juniper qfx5220
- canonical/juniper qfx5700