First published: Wed Jul 20 2022(Updated: )
An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in the PFE of Juniper Networks Junos OS on PTX Series and QFX10k Series allows an adjacent unauthenticated attacker to gain access to sensitive information. PTX1000 and PTX10000 Series, and QFX10000 Series and PTX5000 Series devices sometimes do not reliably pad Ethernet packets, and thus some packets can contain fragments of system memory or data from previous packets. This issue is also known as 'Etherleak' and often detected as CVE-2003-0001. This issue affects: Juniper Networks Junos OS on PTX1000 and PTX10000 Series: All versions prior to 18.4R3-S11; 19.1 versions prior to 19.1R2-S3, 19.1R3-S7; 19.2 versions prior to 19.2R1-S8, 19.2R3-S4; 19.3 versions prior to 19.3R3-S4; 19.4 versions prior to 19.4R2-S5, 19.4R3-S6; 20.1 versions prior to 20.1R3-S2; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S2; 20.4 versions prior to 20.4R3-S4; 21.1 versions prior to 21.1R2-S1, 21.1R3; 21.2 versions prior to 21.2R1-S1, 21.2R2. Juniper Networks Junos OS on QFX10000 Series and PTX5000 Series: All versions prior to 18.3R3-S6; 18.4 versions prior to 18.4R2-S9, 18.4R3-S10; 19.1 versions prior to 19.1R2-S3, 19.1R3-S7; 19.2 versions prior to 19.2R1-S8, 19.2R3-S4; 19.3 versions prior to 19.3R3-S4; 19.4 versions prior to 19.4R2-S6, 19.4R3-S6; 20.1 versions prior to 20.1R3-S2; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R3-S1; 21.1 versions prior to 21.1R2-S1, 21.1R3; 21.2 versions prior to 21.2R2.
Credit: sirt@juniper.net
Affected Software | Affected Version | How to fix |
---|---|---|
Junos OS Evolved | <18.4 | |
Junos OS Evolved | =18.4 | |
Junos OS Evolved | =18.4-r1 | |
Junos OS Evolved | =18.4-r1-s1 | |
Junos OS Evolved | =18.4-r1-s2 | |
Junos OS Evolved | =18.4-r1-s3 | |
Junos OS Evolved | =18.4-r1-s4 | |
Junos OS Evolved | =18.4-r1-s5 | |
Junos OS Evolved | =18.4-r1-s6 | |
Junos OS Evolved | =18.4-r1-s7 | |
Junos OS Evolved | =18.4-r2 | |
Junos OS Evolved | =18.4-r2-s1 | |
Junos OS Evolved | =18.4-r2-s10 | |
Junos OS Evolved | =18.4-r2-s2 | |
Junos OS Evolved | =18.4-r2-s3 | |
Junos OS Evolved | =18.4-r2-s4 | |
Junos OS Evolved | =18.4-r2-s5 | |
Junos OS Evolved | =18.4-r2-s6 | |
Junos OS Evolved | =18.4-r2-s7 | |
Junos OS Evolved | =18.4-r2-s8 | |
Junos OS Evolved | =18.4-r2-s9 | |
Junos OS Evolved | =18.4-r3 | |
Junos OS Evolved | =18.4-r3-s1 | |
Junos OS Evolved | =18.4-r3-s10 | |
Junos OS Evolved | =18.4-r3-s2 | |
Junos OS Evolved | =18.4-r3-s3 | |
Junos OS Evolved | =18.4-r3-s4 | |
Junos OS Evolved | =18.4-r3-s5 | |
Junos OS Evolved | =18.4-r3-s6 | |
Junos OS Evolved | =18.4-r3-s7 | |
Junos OS Evolved | =18.4-r3-s8 | |
Junos OS Evolved | =18.4-r3-s9 | |
Junos OS Evolved | =19.1 | |
Junos OS Evolved | =19.1-r1 | |
Junos OS Evolved | =19.1-r1-s1 | |
Junos OS Evolved | =19.1-r1-s2 | |
Junos OS Evolved | =19.1-r1-s3 | |
Junos OS Evolved | =19.1-r1-s4 | |
Junos OS Evolved | =19.1-r1-s5 | |
Junos OS Evolved | =19.1-r1-s6 | |
Junos OS Evolved | =19.1-r2 | |
Junos OS Evolved | =19.1-r2-s1 | |
Junos OS Evolved | =19.1-r2-s2 | |
Junos OS Evolved | =19.1-r3 | |
Junos OS Evolved | =19.1-r3-s1 | |
Junos OS Evolved | =19.1-r3-s2 | |
Junos OS Evolved | =19.1-r3-s3 | |
Junos OS Evolved | =19.1-r3-s4 | |
Junos OS Evolved | =19.1-r3-s5 | |
Junos OS Evolved | =19.1-r3-s6 | |
Junos OS Evolved | =19.2 | |
Junos OS Evolved | =19.2-r1 | |
Junos OS Evolved | =19.2-r1-s1 | |
Junos OS Evolved | =19.2-r1-s2 | |
Junos OS Evolved | =19.2-r1-s3 | |
Junos OS Evolved | =19.2-r1-s4 | |
Junos OS Evolved | =19.2-r1-s5 | |
Junos OS Evolved | =19.2-r1-s6 | |
Junos OS Evolved | =19.2-r1-s7 | |
Junos OS Evolved | =19.2-r1-s8 | |
Junos OS Evolved | =19.2-r2 | |
Junos OS Evolved | =19.2-r2-s1 | |
Junos OS Evolved | =19.2-r3 | |
Junos OS Evolved | =19.2-r3-s1 | |
Junos OS Evolved | =19.2-r3-s2 | |
Junos OS Evolved | =19.2-r3-s3 | |
Junos OS Evolved | =19.3 | |
Junos OS Evolved | =19.3-r1 | |
Junos OS Evolved | =19.3-r1-s1 | |
Junos OS Evolved | =19.3-r2 | |
Junos OS Evolved | =19.3-r2-s1 | |
Junos OS Evolved | =19.3-r2-s2 | |
Junos OS Evolved | =19.3-r2-s3 | |
Junos OS Evolved | =19.3-r2-s4 | |
Junos OS Evolved | =19.3-r2-s5 | |
Junos OS Evolved | =19.3-r2-s6 | |
Junos OS Evolved | =19.3-r3 | |
Junos OS Evolved | =19.3-r3-s1 | |
Junos OS Evolved | =19.3-r3-s2 | |
Junos OS Evolved | =19.3-r3-s3 | |
Junos OS Evolved | =19.4 | |
Junos OS Evolved | =19.4-r1 | |
Junos OS Evolved | =19.4-r1-s1 | |
Junos OS Evolved | =19.4-r1-s2 | |
Junos OS Evolved | =19.4-r1-s3 | |
Junos OS Evolved | =19.4-r1-s4 | |
Junos OS Evolved | =19.4-r2 | |
Junos OS Evolved | =19.4-r2-s1 | |
Junos OS Evolved | =19.4-r2-s2 | |
Junos OS Evolved | =19.4-r2-s3 | |
Junos OS Evolved | =19.4-r2-s4 | |
Junos OS Evolved | =19.4-r3 | |
Junos OS Evolved | =19.4-r3-s1 | |
Junos OS Evolved | =19.4-r3-s2 | |
Junos OS Evolved | =19.4-r3-s3 | |
Junos OS Evolved | =19.4-r3-s4 | |
Junos OS Evolved | =19.4-r3-s5 | |
Junos OS Evolved | =20.1 | |
Junos OS Evolved | =20.1-r1 | |
Junos OS Evolved | =20.1-r1-s1 | |
Junos OS Evolved | =20.1-r1-s2 | |
Junos OS Evolved | =20.1-r1-s3 | |
Junos OS Evolved | =20.1-r1-s4 | |
Junos OS Evolved | =20.1-r2 | |
Junos OS Evolved | =20.1-r2-s1 | |
Junos OS Evolved | =20.1-r2-s2 | |
Junos OS Evolved | =20.1-r3 | |
Junos OS Evolved | =20.1-r3-s1 | |
Junos OS Evolved | =20.2 | |
Junos OS Evolved | =20.2-r1 | |
Junos OS Evolved | =20.2-r1-s1 | |
Junos OS Evolved | =20.2-r1-s2 | |
Junos OS Evolved | =20.2-r1-s3 | |
Junos OS Evolved | =20.2-r2 | |
Junos OS Evolved | =20.2-r2-s1 | |
Junos OS Evolved | =20.2-r2-s2 | |
Junos OS Evolved | =20.2-r2-s3 | |
Junos OS Evolved | =20.2-r3 | |
Junos OS Evolved | =20.2-r3-s1 | |
Junos OS Evolved | =20.2-r3-s2 | |
Junos OS Evolved | =20.3 | |
Junos OS Evolved | =20.3-r1 | |
Junos OS Evolved | =20.3-r1-s1 | |
Junos OS Evolved | =20.3-r1-s2 | |
Junos OS Evolved | =20.3-r2 | |
Junos OS Evolved | =20.3-r2-s1 | |
Junos OS Evolved | =20.3-r3 | |
Junos OS Evolved | =20.3-r3-s1 | |
Junos OS Evolved | =20.3-r3-s2 | |
Junos OS Evolved | =20.3-r3-s3 | |
Junos OS Evolved | =20.4 | |
Junos OS Evolved | =20.4-r1 | |
Junos OS Evolved | =20.4-r1-s1 | |
Junos OS Evolved | =20.4-r2 | |
Junos OS Evolved | =20.4-r2-s1 | |
Junos OS Evolved | =20.4-r2-s2 | |
Junos OS Evolved | =20.4-r3 | |
Junos OS Evolved | =20.4-r3-s1 | |
Junos OS Evolved | =20.4-r3-s2 | |
Junos OS Evolved | =20.4-r3-s3 | |
Junos OS Evolved | =21.1 | |
Junos OS Evolved | =21.1-r1 | |
Junos OS Evolved | =21.1-r1-s1 | |
Junos OS Evolved | =21.1-r2 | |
Junos OS Evolved | =21.2 | |
Junos OS Evolved | =21.2-r1 | |
Juniper PTX1000 | ||
Juniper PTX10001-36MR | ||
Juniper PTX10002 | ||
Juniper PTX10003 80C | ||
Juniper PTX10004 | ||
Juniper PTX10008 | ||
Juniper PTX10016 | ||
Junos OS Evolved | <18.3 | |
Junos OS Evolved | =18.3 | |
Junos OS Evolved | =18.3-r1 | |
Junos OS Evolved | =18.3-r1-s1 | |
Junos OS Evolved | =18.3-r1-s2 | |
Junos OS Evolved | =18.3-r1-s3 | |
Junos OS Evolved | =18.3-r1-s4 | |
Junos OS Evolved | =18.3-r1-s5 | |
Junos OS Evolved | =18.3-r1-s6 | |
Junos OS Evolved | =18.3-r2 | |
Junos OS Evolved | =18.3-r2-s1 | |
Junos OS Evolved | =18.3-r2-s2 | |
Junos OS Evolved | =18.3-r2-s3 | |
Junos OS Evolved | =18.3-r2-s4 | |
Junos OS Evolved | =18.3-r3 | |
Junos OS Evolved | =18.3-r3-s1 | |
Junos OS Evolved | =18.3-r3-s2 | |
Junos OS Evolved | =18.3-r3-s3 | |
Junos OS Evolved | =18.3-r3-s4 | |
Junos OS Evolved | =18.3-r3-s5 | |
Junos OS Evolved | =18.4-r3-s11 | |
Junos OS Evolved | =19.1-r3-s7 | |
Junos OS Evolved | =19.4-r2-s5 | |
Junos OS Evolved | =21.2-r1-s1 | |
Junos OS Evolved | =21.2-r1-s2 | |
Juniper PTX Series | ||
Juniper QFX10002-60C | ||
Juniper Networks QFX-Series | ||
Juniper Networks QFX-Series |
The following software releases have been updated to resolve this specific issue for Junos OS on PTX1000 and PTX10000 Series: 18.4R3-S11, 19.1R2-S3, 19.1R3-S7, 19.2R1-S8, 19.2R3-S4, 19.3R3-S4, 19.4R2-S5, 19.4R3-S6, 20.1R3-S2, 20.2R3-S3, 20.3R3-S2, 20.4R3-S4, 21.1R2-S1, 21.1R3, 21.2R1-S1, 21.2R2, 21.2R3, 21.3R1, and all subsequent releases. The following software releases have been updated to resolve this specific issue for Junos OS on QFX10000 Series and PTX5000 Series: 18.3R3-S6 ,18.4R2-S9, 18.4R3-S10, 19.1R2-S3, 19.1R3-S7, 19.2R1-S8, 19.2R3-S4, 19.3R3-S4, 19.4R2-S6, 19.4R3-S6, 20.1R3-S2, 20.2R3-S3, 20.3R3-S1, 20.4R3-S1, 21.1R2-S1, 21.1R3, 21.2R2, 21.2R3, 21.3R1, and all subsequent releases.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2022-22216 is classified as high due to the potential exposure of sensitive information.
To fix CVE-2022-22216, upgrade your Junos OS to the recommended versions that address the vulnerability.
CVE-2022-22216 affects Juniper Networks Junos OS running on PTX Series and QFX10k Series devices.
The impact of CVE-2022-22216 includes unauthorized access to sensitive information by adjacent unauthenticated attackers.
CVE-2022-22216 was disclosed on January 4, 2022.