Vulnerability Details : CVE-2022-22247

An Improper Input Validation vulnerability in ingress TCP segment processing of Juniper Networks Junos OS Evolved allows a network-based unauthenticated attacker to send a crafted TCP segment to the device, triggering a kernel panic, leading to a Denial of Service (DoS) condition. Continued receipt and processing of this TCP segment could create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS Evolved: 21.3 versions prior to 21.3R3-EVO; 21.4 versions prior to 21.4R2-EVO; 22.1 versions prior to 22.1R2-EVO. This issue does not affect Juniper Networks Junos OS Evolved versions prior to 21.3R1-EVO.

Vulnerability category: Input validationDenial of service

Published 2022-10-18 03:15:11

Updated 2022-10-20 15:19:07

Source Juniper Networks, Inc.

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2022-22247

Probability of exploitation activity in the next 30 days: 0.09%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 36 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2022-22247

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
7.5	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H	3.9	3.6	sirt@juniper.net
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: High

CWE ids for CVE-2022-22247

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Assigned by:
- nvd@nist.gov (Primary)
- sirt@juniper.net (Secondary)

References for CVE-2022-22247

https://kb.juniper.net/JSA69904

2022-10 Security Bulletin: Junos OS Evolved: Kernel processing of unvalidated TCP segments could lead to a Denial of Service (DoS) (CVE-2022-22247)
Vendor Advisory

Products affected by CVE-2022-22247

Juniper » Junos Os Evolved » Version: 21.3 Update R1
cpe:2.3:o:juniper:junos_os_evolved:21.3:r1:*:*:*:*:*:*
Matching versions
Juniper » Junos Os Evolved » Version: 21.3 Update R1-s1
cpe:2.3:o:juniper:junos_os_evolved:21.3:r1-s1:*:*:*:*:*:*
Matching versions
Juniper » Junos Os Evolved » Version: 21.4 Update R1
cpe:2.3:o:juniper:junos_os_evolved:21.4:r1:*:*:*:*:*:*
Matching versions
Juniper » Junos Os Evolved » Version: 21.4 Update R1-s1
cpe:2.3:o:juniper:junos_os_evolved:21.4:r1-s1:*:*:*:*:*:*
Matching versions
Juniper » Junos Os Evolved » Version: 21.3 Update R2
cpe:2.3:o:juniper:junos_os_evolved:21.3:r2:*:*:*:*:*:*
Matching versions
Juniper » Junos Os Evolved » Version: 21.4
cpe:2.3:o:juniper:junos_os_evolved:21.4:-:*:*:*:*:*:*
Matching versions
Juniper » Junos Os Evolved » Version: 21.3
cpe:2.3:o:juniper:junos_os_evolved:21.3:-:*:*:*:*:*:*
Matching versions
Juniper » Junos Os Evolved » Version: 22.1 Update R1
cpe:2.3:o:juniper:junos_os_evolved:22.1:r1:*:*:*:*:*:*
Matching versions