CVE-2022-22207 - Vulnerability Details

Vendors	Products
Juniper	Junos Mx10 Mx10000 Mx10003 Mx10008 Mx10016 Mx104 Mx150 Mx2008 Mx2010 Mx2020 Mx204 Mx240 Mx40 Mx480 Mx5 Mx80 Mx960

Link	Providers
https://kb.juniper.net/JSA69711

Show plain JSON

{"containers": {"cna": {"affected": [{"platforms": ["MX Series"], "product": "Junos OS", "vendor": "Juniper Networks", "versions": [{"lessThan": "20.1*", "status": "affected", "version": "20.1R1", "versionType": "custom"}, {"lessThan": "20.2R3-S5", "status": "affected", "version": "20.2", "versionType": "custom"}, {"lessThan": "20.3R3-S4", "status": "affected", "version": "20.3", "versionType": "custom"}, {"lessThan": "20.4R3", "status": "affected", "version": "20.4", "versionType": "custom"}, {"lessThan": "21.1R2", "status": "affected", "version": "21.1", "versionType": "custom"}, {"lessThan": "21.2R2", "status": "affected", "version": "21.2", "versionType": "custom"}]}], "configurations": [{"lang": "en", "value": "For this issue to exist the following configuration is required:\n\n  [ chassis network-slices ]"}], "datePublic": "2022-07-13T00:00:00", "descriptions": [{"lang": "en", "value": "A Use After Free vulnerability in the Advanced Forwarding Toolkit (AFT) manager process (aftmand) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause a kernel crash due to intensive polling of Abstracted Fabric (AF) interface statistics and thereby a Denial of Service (DoS). Continued gathering of AF interface statistics will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS on MX Series: 20.1 versions later than 20.1R1; 20.2 versions prior to 20.2R3-S5; 20.3 versions prior to 20.3R3-S4; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2; 21.2 versions prior to 21.2R2."}], "exploits": [{"lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-416", "description": "CWE-416 Use After Free", "lang": "en", "type": "CWE"}]}, {"descriptions": [{"description": "Denial of Service (DoS)", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-07-20T14:14:10", "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://kb.juniper.net/JSA69711"}], "solutions": [{"lang": "en", "value": "The following Junos OS software releases have been updated to resolve this specific issue Junos OS: 20.2R3-S5, 20.3R3-S4, 20.4R3, 21.1R2, 21.2R2, 21.3R1, and all subsequent releases."}], "source": {"advisory": "JSA69711", "defect": ["1602531"], "discovery": "USER"}, "title": "Junos OS: MX Series with MPC11: In a GNF / node slicing scenario gathering AF interface statistics can lead to a kernel crash", "workarounds": [{"lang": "en", "value": "There are no viable workarounds for this issue.\nTo reduce the risk of exploitation of this issue, use access lists or firewall filters to limit access to only trusted networks, hosts and users."}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "sirt@juniper.net", "DATE_PUBLIC": "2022-07-13T16:00:00.000Z", "ID": "CVE-2022-22207", "STATE": "PUBLIC", "TITLE": "Junos OS: MX Series with MPC11: In a GNF / node slicing scenario gathering AF interface statistics can lead to a kernel crash"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Junos OS", "version": {"version_data": [{"platform": "MX Series", "version_affected": ">", "version_name": "20.1", "version_value": "20.1R1"}, {"platform": "MX Series", "version_affected": "<", "version_name": "20.2", "version_value": "20.2R3-S5"}, {"platform": "MX Series", "version_affected": "<", "version_name": "20.3", "version_value": "20.3R3-S4"}, {"platform": "MX Series", "version_affected": "<", "version_name": "20.4", "version_value": "20.4R3"}, {"platform": "MX Series", "version_affected": "<", "version_name": "21.1", "version_value": "21.1R2"}, {"platform": "MX Series", "version_affected": "<", "version_name": "21.2", "version_value": "21.2R2"}]}}]}, "vendor_name": "Juniper Networks"}]}}, "configuration": [{"lang": "en", "value": "For this issue to exist the following configuration is required:\n\n  [ chassis network-slices ]"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A Use After Free vulnerability in the Advanced Forwarding Toolkit (AFT) manager process (aftmand) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause a kernel crash due to intensive polling of Abstracted Fabric (AF) interface statistics and thereby a Denial of Service (DoS). Continued gathering of AF interface statistics will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS on MX Series: 20.1 versions later than 20.1R1; 20.2 versions prior to 20.2R3-S5; 20.3 versions prior to 20.3R3-S4; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2; 21.2 versions prior to 21.2R2."}]}, "exploit": [{"lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-416 Use After Free"}]}, {"description": [{"lang": "eng", "value": "Denial of Service (DoS)"}]}]}, "references": {"reference_data": [{"name": "https://kb.juniper.net/JSA69711", "refsource": "CONFIRM", "url": "https://kb.juniper.net/JSA69711"}]}, "solution": [{"lang": "en", "value": "The following Junos OS software releases have been updated to resolve this specific issue Junos OS: 20.2R3-S5, 20.3R3-S4, 20.4R3, 21.1R2, 21.2R2, 21.3R1, and all subsequent releases."}], "source": {"advisory": "JSA69711", "defect": ["1602531"], "discovery": "USER"}, "work_around": [{"lang": "en", "value": "There are no viable workarounds for this issue.\nTo reduce the risk of exploitation of this issue, use access lists or firewall filters to limit access to only trusted networks, hosts and users."}]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T03:07:50.158Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://kb.juniper.net/JSA69711"}]}]}, "cveMetadata": {"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "assignerShortName": "juniper", "cveId": "CVE-2022-22207", "datePublished": "2022-07-20T14:14:10.722516Z", "dateReserved": "2021-12-21T00:00:00", "dateUpdated": "2024-09-16T23:45:53.701Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

platforms : [ »

0 : MX Series (string)

]

product : Junos OS (string)

vendor : Juniper Networks (string)

versions : [ »

0 : { »

lessThan : 20.1* (string)

status : affected (string)

version : 20.1R1 (string)

versionType : custom (string)

}

1 : { »

lessThan : 20.2R3-S5 (string)

status : affected (string)

version : 20.2 (string)

versionType : custom (string)

}

2 : { »

lessThan : 20.3R3-S4 (string)

status : affected (string)

version : 20.3 (string)

versionType : custom (string)

}

3 : { »

lessThan : 20.4R3 (string)

status : affected (string)

version : 20.4 (string)

versionType : custom (string)

}

4 : { »

lessThan : 21.1R2 (string)

status : affected (string)

version : 21.1 (string)

versionType : custom (string)

}

5 : { »

lessThan : 21.2R2 (string)

status : affected (string)

version : 21.2 (string)

versionType : custom (string)

}

]

}

]

configurations : [ »

0 : { »

lang : en (string)

value : For this issue to exist the following configuration is required: [ chassis network-slices ] (string)

}

]

datePublic : 2022-07-13T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : A Use After Free vulnerability in the Advanced Forwarding Toolkit (AFT) manager process (aftmand) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause a kernel crash due to intensive polling of Abstracted Fabric (AF) interface statistics and thereby a Denial of Service (DoS). Continued gathering of AF interface statistics will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS on MX Series: 20.1 versions later than 20.1R1; 20.2 versions prior to 20.2R3-S5; 20.3 versions prior to 20.3R3-S4; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2; 21.2 versions prior to 21.2R2. (string)

}

]

exploits : [ »

0 : { »

lang : en (string)

value : Juniper SIRT is not aware of any malicious exploitation of this vulnerability. (string)

}

]

metrics : [ »

0 : { »

cvssV3_1 : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : HIGH (string)

baseScore : 7.5 (number)

baseSeverity : HIGH (string)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (string)

version : 3.1 (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

cweId : CWE-416 (string)

description : CWE-416 Use After Free (string)

lang : en (string)

type : CWE (string)

}

]

}

1 : { »

descriptions : [ »

0 : { »

description : Denial of Service (DoS) (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2022-07-20T14:14:10 (string)

orgId : 8cbe9d5a-a066-4c94-8978-4b15efeae968 (string)

shortName : juniper (string)

}

references : [ »

0 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : https://kb.juniper.net/JSA69711 (string)

}

]

solutions : [ »

0 : { »

lang : en (string)

value : The following Junos OS software releases have been updated to resolve this specific issue Junos OS: 20.2R3-S5, 20.3R3-S4, 20.4R3, 21.1R2, 21.2R2, 21.3R1, and all subsequent releases. (string)

}

]

source : { »

advisory : JSA69711 (string)

defect : [ »

0 : 1602531 (string)

]

discovery : USER (string)

}

title : Junos OS: MX Series with MPC11: In a GNF / node slicing scenario gathering AF interface statistics can lead to a kernel crash (string)

workarounds : [ »

0 : { »

lang : en (string)

value : There are no viable workarounds for this issue. To reduce the risk of exploitation of this issue, use access lists or firewall filters to limit access to only trusted networks, hosts and users. (string)

}

]

x_generator : { »

engine : Vulnogram 0.0.9 (string)

}

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : sirt@juniper.net (string)

DATE_PUBLIC : 2022-07-13T16:00:00.000Z (string)

ID : CVE-2022-22207 (string)

STATE : PUBLIC (string)

TITLE : Junos OS: MX Series with MPC11: In a GNF / node slicing scenario gathering AF interface statistics can lead to a kernel crash (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : Junos OS (string)

version : { »

version_data : [ »

0 : { »

platform : MX Series (string)

version_affected : > (string)

version_name : 20.1 (string)

version_value : 20.1R1 (string)

}

1 : { »

platform : MX Series (string)

version_affected : < (string)

version_name : 20.2 (string)

version_value : 20.2R3-S5 (string)

}

2 : { »

platform : MX Series (string)

version_affected : < (string)

version_name : 20.3 (string)

version_value : 20.3R3-S4 (string)

}

3 : { »

platform : MX Series (string)

version_affected : < (string)

version_name : 20.4 (string)

version_value : 20.4R3 (string)

}

4 : { »

platform : MX Series (string)

version_affected : < (string)

version_name : 21.1 (string)

version_value : 21.1R2 (string)

}

5 : { »

platform : MX Series (string)

version_affected : < (string)

version_name : 21.2 (string)

version_value : 21.2R2 (string)

}

]

}

]

}

vendor_name : Juniper Networks (string)

}

]

}

configuration : [ »

0 : { »

lang : en (string)

value : For this issue to exist the following configuration is required: [ chassis network-slices ] (string)

}

]

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : A Use After Free vulnerability in the Advanced Forwarding Toolkit (AFT) manager process (aftmand) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause a kernel crash due to intensive polling of Abstracted Fabric (AF) interface statistics and thereby a Denial of Service (DoS). Continued gathering of AF interface statistics will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS on MX Series: 20.1 versions later than 20.1R1; 20.2 versions prior to 20.2R3-S5; 20.3 versions prior to 20.3R3-S4; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2; 21.2 versions prior to 21.2R2. (string)

}

]

}

exploit : [ »

0 : { »

lang : en (string)

value : Juniper SIRT is not aware of any malicious exploitation of this vulnerability. (string)

}

]

generator : { »

engine : Vulnogram 0.0.9 (string)

}

impact : { »

cvss : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : HIGH (string)

baseScore : 7.5 (number)

baseSeverity : HIGH (string)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (string)

version : 3.1 (string)

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : CWE-416 Use After Free (string)

}

]

}

1 : { »

description : [ »

0 : { »

lang : eng (string)

value : Denial of Service (DoS) (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : https://kb.juniper.net/JSA69711 (string)

refsource : CONFIRM (string)

url : https://kb.juniper.net/JSA69711 (string)

}

]

}

solution : [ »

0 : { »

lang : en (string)

value : The following Junos OS software releases have been updated to resolve this specific issue Junos OS: 20.2R3-S5, 20.3R3-S4, 20.4R3, 21.1R2, 21.2R2, 21.3R1, and all subsequent releases. (string)

}

]

source : { »

advisory : JSA69711 (string)

defect : [ »

0 : 1602531 (string)

]

discovery : USER (string)

}

work_around : [ »

0 : { »

lang : en (string)

value : There are no viable workarounds for this issue. To reduce the risk of exploitation of this issue, use access lists or firewall filters to limit access to only trusted networks, hosts and users. (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-03T03:07:50.158Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : https://kb.juniper.net/JSA69711 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 8cbe9d5a-a066-4c94-8978-4b15efeae968 (string)

assignerShortName : juniper (string)

cveId : CVE-2022-22207 (string)

datePublished : 2022-07-20T14:14:10.722516Z (string)

dateReserved : 2021-12-21T00:00:00 (string)

dateUpdated : 2024-09-16T23:45:53.701Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "41CD982F-E6F2-4951-9F96-A76C142DF08E", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "19FDC05F-5582-4F7E-B628-E58A3C0E7F2F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s3:*:*:*:*:*:*", "matchCriteriaId": "401306D1-E9CE-49C6-8DC9-0E8747B9DC2C", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s4:*:*:*:*:*:*", "matchCriteriaId": "615EAF48-AD53-4CC2-B233-5EA5C0F72CB1", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r2:*:*:*:*:*:*", "matchCriteriaId": "DC8E7547-6649-436D-BC45-184417680C72", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "D9789FF8-D55C-4AF9-A250-E543A0EB826F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "5C238EB1-5A38-4877-8849-4A6D36918B3F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r3:*:*:*:*:*:*", "matchCriteriaId": "C21638A9-6AD8-4347-AA3F-64BC7BD71C0D", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r3-s1:*:*:*:*:*:*", "matchCriteriaId": "D621DB7F-BC6B-4A07-8803-596B3ED11CF2", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r3-s2:*:*:*:*:*:*", "matchCriteriaId": "A5620596-4DEE-41D7-A63F-224D814DAA77", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r3-s3:*:*:*:*:*:*", "matchCriteriaId": "A8BBCEC0-5915-4F69-90FD-070A94145BB9", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:-:*:*:*:*:*:*", "matchCriteriaId": "D4CF52CF-F911-4615-9171-42F84429149F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r1:*:*:*:*:*:*", "matchCriteriaId": "CD07B7E2-F5C2-4610-9133-FDA9E66DFF4F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "D3C23AEB-34DE-44FB-8D64-E69D6E8B7401", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "18DB9401-5A51-4BB3-AC2F-58F58F1C788C", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s3:*:*:*:*:*:*", "matchCriteriaId": "06F53DA5-59AE-403C-9B1E-41CE267D8BB1", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r2:*:*:*:*:*:*", "matchCriteriaId": "3332262F-81DA-4D78-99C9-514CADA46611", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "B46B63A2-1518-4A29-940C-F05624C9658D", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "8E0D4959-3865-42A7-98CD-1103EBD84528", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r2-s3:*:*:*:*:*:*", "matchCriteriaId": "3A58292B-814C-49E7-8D6D-BE26EFB9ADDF", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r3:*:*:*:*:*:*", "matchCriteriaId": "681AE183-7183-46E7-82EA-28C398FA1C3D", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r3-s1:*:*:*:*:*:*", "matchCriteriaId": "8A6E9627-8BF1-4BE8-844B-EE8F1C9478F0", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r3-s2:*:*:*:*:*:*", "matchCriteriaId": "0A80F23B-CD13-4745-BA92-67C23B297A18", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r3-s3:*:*:*:*:*:*", "matchCriteriaId": "67D4004B-1233-4258-9C7A-F05189146B44", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r3-s4:*:*:*:*:*:*", "matchCriteriaId": "69E33F24-D480-4B5F-956D-D435A551CBE7", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:-:*:*:*:*:*:*", "matchCriteriaId": "03009CC1-21AC-4A46-A747-D0C67FCD41DA", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:r1:*:*:*:*:*:*", "matchCriteriaId": "5C9BC697-C7C9-447D-9EBD-E9711462583E", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "7B80433B-57B1-49EF-B1A1-83781D6102E3", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "A352BB7A-6F17-4E64-BC02-1A7E4CD42653", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:r2:*:*:*:*:*:*", "matchCriteriaId": "05D8427C-CDDE-4B2F-9CB8-41B9137660E4", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "F3DC01F2-6DFE-4A8E-9962-5E59AA965935", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:r3:*:*:*:*:*:*", "matchCriteriaId": "7DA0E196-925E-4056-B411-E158702D5D4F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:r3-s1:*:*:*:*:*:*", "matchCriteriaId": "E33A522F-E35C-4473-9CBD-9C6E5A831086", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:r3-s2:*:*:*:*:*:*", "matchCriteriaId": "E9AE26EB-699B-4B10-87E2-9E731B820F32", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:r3-s3:*:*:*:*:*:*", "matchCriteriaId": "A29E0070-47E9-43DD-9303-C732FE8CC851", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:-:*:*:*:*:*:*", "matchCriteriaId": "3D361B23-A3C2-444B-BEB8-E231DA950567", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:*", "matchCriteriaId": "20DDC6B7-BFC4-4F0B-8E68-442C23765BF2", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "037BA01C-3F5C-4503-A633-71765E9EF774", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r2:*:*:*:*:*:*", "matchCriteriaId": "C54B047C-4B38-40C0-9855-067DCF7E48BD", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "38984199-E332-4A9C-A4C0-78083D052E15", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "AA6526FB-2941-4D18-9B2E-472AD5A62A53", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:-:*:*:*:*:*:*", "matchCriteriaId": "6FDB5B7D-FB37-47E3-8678-B9ED578CCA5F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r1:*:*:*:*:*:*", "matchCriteriaId": "625BA7E6-D2AD-4A48-9B94-24328BE5B06A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "F462F4E3-762C-429F-8D25-5521100DD37C", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*", "matchCriteriaId": "216E7DDE-453D-481F-92E2-9F8466CDDA3F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*", "matchCriteriaId": "A52AF794-B36B-43A6-82E9-628658624B0A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "3998DC76-F72F-4452-9150-652140B113EB", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "36ED4552-2420-45F9-B6E4-6DA2B2B12870", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:juniper:mx10:-:*:*:*:*:*:*:*", "matchCriteriaId": "52699E2B-450A-431C-81E3-DC4483C8B4F2", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:mx10000:-:*:*:*:*:*:*:*", "matchCriteriaId": "D97AF6F8-3D50-4D35-BCB1-54E3BEC69B9F", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:mx10003:-:*:*:*:*:*:*:*", "matchCriteriaId": "D5627740-42E3-4FB1-B8B9-0B768AFFA1EC", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:mx10008:-:*:*:*:*:*:*:*", "matchCriteriaId": "D6F0EA2F-BF7E-45D0-B2B4-8A7B67A9475A", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:mx10016:-:*:*:*:*:*:*:*", "matchCriteriaId": "C39DA74D-F5C7-4C11-857D-50631A110644", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:mx104:-:*:*:*:*:*:*:*", "matchCriteriaId": "F72C850A-0530-4DB7-A553-7E19F82122B5", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:mx150:-:*:*:*:*:*:*:*", "matchCriteriaId": "7FE2089C-F341-4DC1-B76D-633BC699306D", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:mx2008:-:*:*:*:*:*:*:*", "matchCriteriaId": "2FEF33EB-B2E0-42EF-A1BB-D41021B6D08F", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:mx2010:-:*:*:*:*:*:*:*", "matchCriteriaId": "27175D9A-CA2C-4218-8042-835E25DFCA43", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:mx2020:-:*:*:*:*:*:*:*", "matchCriteriaId": "00C7FC57-8ACF-45AA-A227-7E3B350FD24F", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:mx204:-:*:*:*:*:*:*:*", "matchCriteriaId": "2754C2DF-DF6E-4109-9463-38B4E0465B77", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:mx240:-:*:*:*:*:*:*:*", "matchCriteriaId": "F4A26704-A6A4-4C4F-9E12-A0A0259491EF", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:mx40:-:*:*:*:*:*:*:*", "matchCriteriaId": "C982A2FF-A1F9-4830-BAB6-77CFCE1F093F", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:mx480:-:*:*:*:*:*:*:*", "matchCriteriaId": "104858BD-D31D-40E0-8524-2EC311F10EAC", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:mx5:-:*:*:*:*:*:*:*", "matchCriteriaId": "3B557965-0040-4048-B56C-F564FF28635B", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:mx80:-:*:*:*:*:*:*:*", "matchCriteriaId": "EB875EBD-A3CD-4466-B2A3-39D47FF94592", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:mx960:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5E08E1E-0FE4-4294-9497-BBFFECA2A220", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A Use After Free vulnerability in the Advanced Forwarding Toolkit (AFT) manager process (aftmand) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause a kernel crash due to intensive polling of Abstracted Fabric (AF) interface statistics and thereby a Denial of Service (DoS). Continued gathering of AF interface statistics will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS on MX Series: 20.1 versions later than 20.1R1; 20.2 versions prior to 20.2R3-S5; 20.3 versions prior to 20.3R3-S4; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2; 21.2 versions prior to 21.2R2."}, {"lang": "es", "value": "Una vulnerabilidad de Uso de Memoria Previamente Liberada en el proceso de administraci\u00f3n de Advanced Forwarding Toolkit (AFT) (aftmand) de Juniper Networks Junos OS permite a un atacante no autenticado en red causar un bloqueo del kernel debido al sondeo intensivo de las estad\u00edsticas de la interfaz de Abstracted Fabric (AF) y, por tanto, una Denegaci\u00f3n de Servicio (DoS). La recopilaci\u00f3n continuada de estad\u00edsticas de la interfaz AF crear\u00e1 una condici\u00f3n de Denegaci\u00f3n de Servicio (DoS) sostenida. Este problema afecta a Juniper Networks Junos OS en la serie MX: versiones 20.1 posteriores a 20.1R1; versiones 20.2 anteriores a 20.2R3-S5; versiones 20.3 anteriores a 20.3R3-S4; versiones 20.4 anteriores a 20.4R3; versiones 21.1 anteriores a 21.1R2; versiones 21.2 anteriores a 21.2R2"}], "id": "CVE-2022-22207", "lastModified": "2024-11-21T06:46:23.577", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "sirt@juniper.net", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-07-20T15:15:08.580", "references": [{"source": "sirt@juniper.net", "tags": ["Vendor Advisory"], "url": "https://kb.juniper.net/JSA69711"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://kb.juniper.net/JSA69711"}], "sourceIdentifier": "sirt@juniper.net", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-416"}], "source": "sirt@juniper.net", "type": "Secondary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:juniper:junos:20.1:r1-s1:*:*:*:*:*:* (string)

matchCriteriaId : 41CD982F-E6F2-4951-9F96-A76C142DF08E (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:juniper:junos:20.1:r1-s2:*:*:*:*:*:* (string)

matchCriteriaId : 19FDC05F-5582-4F7E-B628-E58A3C0E7F2F (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:juniper:junos:20.1:r1-s3:*:*:*:*:*:* (string)

matchCriteriaId : 401306D1-E9CE-49C6-8DC9-0E8747B9DC2C (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:juniper:junos:20.1:r1-s4:*:*:*:*:*:* (string)

matchCriteriaId : 615EAF48-AD53-4CC2-B233-5EA5C0F72CB1 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:juniper:junos:20.1:r2:*:*:*:*:*:* (string)

matchCriteriaId : DC8E7547-6649-436D-BC45-184417680C72 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:o:juniper:junos:20.1:r2-s1:*:*:*:*:*:* (string)

matchCriteriaId : D9789FF8-D55C-4AF9-A250-E543A0EB826F (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:o:juniper:junos:20.1:r2-s2:*:*:*:*:*:* (string)

matchCriteriaId : 5C238EB1-5A38-4877-8849-4A6D36918B3F (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:o:juniper:junos:20.1:r3:*:*:*:*:*:* (string)

matchCriteriaId : C21638A9-6AD8-4347-AA3F-64BC7BD71C0D (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:o:juniper:junos:20.1:r3-s1:*:*:*:*:*:* (string)

matchCriteriaId : D621DB7F-BC6B-4A07-8803-596B3ED11CF2 (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:o:juniper:junos:20.1:r3-s2:*:*:*:*:*:* (string)

matchCriteriaId : A5620596-4DEE-41D7-A63F-224D814DAA77 (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:o:juniper:junos:20.1:r3-s3:*:*:*:*:*:* (string)

matchCriteriaId : A8BBCEC0-5915-4F69-90FD-070A94145BB9 (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:o:juniper:junos:20.2:-:*:*:*:*:*:* (string)

matchCriteriaId : D4CF52CF-F911-4615-9171-42F84429149F (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:o:juniper:junos:20.2:r1:*:*:*:*:*:* (string)

matchCriteriaId : CD07B7E2-F5C2-4610-9133-FDA9E66DFF4F (string)

vulnerable : true (boolean)

}

13 : { »

criteria : cpe:2.3:o:juniper:junos:20.2:r1-s1:*:*:*:*:*:* (string)

matchCriteriaId : D3C23AEB-34DE-44FB-8D64-E69D6E8B7401 (string)

vulnerable : true (boolean)

}

14 : { »

criteria : cpe:2.3:o:juniper:junos:20.2:r1-s2:*:*:*:*:*:* (string)

matchCriteriaId : 18DB9401-5A51-4BB3-AC2F-58F58F1C788C (string)

vulnerable : true (boolean)

}

15 : { »

criteria : cpe:2.3:o:juniper:junos:20.2:r1-s3:*:*:*:*:*:* (string)

matchCriteriaId : 06F53DA5-59AE-403C-9B1E-41CE267D8BB1 (string)

vulnerable : true (boolean)

}

16 : { »

criteria : cpe:2.3:o:juniper:junos:20.2:r2:*:*:*:*:*:* (string)

matchCriteriaId : 3332262F-81DA-4D78-99C9-514CADA46611 (string)

vulnerable : true (boolean)

}

17 : { »

criteria : cpe:2.3:o:juniper:junos:20.2:r2-s1:*:*:*:*:*:* (string)

matchCriteriaId : B46B63A2-1518-4A29-940C-F05624C9658D (string)

vulnerable : true (boolean)

}

18 : { »

criteria : cpe:2.3:o:juniper:junos:20.2:r2-s2:*:*:*:*:*:* (string)

matchCriteriaId : 8E0D4959-3865-42A7-98CD-1103EBD84528 (string)

vulnerable : true (boolean)

}

19 : { »

criteria : cpe:2.3:o:juniper:junos:20.2:r2-s3:*:*:*:*:*:* (string)

matchCriteriaId : 3A58292B-814C-49E7-8D6D-BE26EFB9ADDF (string)

vulnerable : true (boolean)

}

20 : { »

criteria : cpe:2.3:o:juniper:junos:20.2:r3:*:*:*:*:*:* (string)

matchCriteriaId : 681AE183-7183-46E7-82EA-28C398FA1C3D (string)

vulnerable : true (boolean)

}

21 : { »

criteria : cpe:2.3:o:juniper:junos:20.2:r3-s1:*:*:*:*:*:* (string)

matchCriteriaId : 8A6E9627-8BF1-4BE8-844B-EE8F1C9478F0 (string)

vulnerable : true (boolean)

}

22 : { »

criteria : cpe:2.3:o:juniper:junos:20.2:r3-s2:*:*:*:*:*:* (string)

matchCriteriaId : 0A80F23B-CD13-4745-BA92-67C23B297A18 (string)

vulnerable : true (boolean)

}

23 : { »

criteria : cpe:2.3:o:juniper:junos:20.2:r3-s3:*:*:*:*:*:* (string)

matchCriteriaId : 67D4004B-1233-4258-9C7A-F05189146B44 (string)

vulnerable : true (boolean)

}

24 : { »

criteria : cpe:2.3:o:juniper:junos:20.2:r3-s4:*:*:*:*:*:* (string)

matchCriteriaId : 69E33F24-D480-4B5F-956D-D435A551CBE7 (string)

vulnerable : true (boolean)

}

25 : { »

criteria : cpe:2.3:o:juniper:junos:20.3:-:*:*:*:*:*:* (string)

matchCriteriaId : 03009CC1-21AC-4A46-A747-D0C67FCD41DA (string)

vulnerable : true (boolean)

}

26 : { »

criteria : cpe:2.3:o:juniper:junos:20.3:r1:*:*:*:*:*:* (string)

matchCriteriaId : 5C9BC697-C7C9-447D-9EBD-E9711462583E (string)

vulnerable : true (boolean)

}

27 : { »

criteria : cpe:2.3:o:juniper:junos:20.3:r1-s1:*:*:*:*:*:* (string)

matchCriteriaId : 7B80433B-57B1-49EF-B1A1-83781D6102E3 (string)

vulnerable : true (boolean)

}

28 : { »

criteria : cpe:2.3:o:juniper:junos:20.3:r1-s2:*:*:*:*:*:* (string)

matchCriteriaId : A352BB7A-6F17-4E64-BC02-1A7E4CD42653 (string)

vulnerable : true (boolean)

}

29 : { »

criteria : cpe:2.3:o:juniper:junos:20.3:r2:*:*:*:*:*:* (string)

matchCriteriaId : 05D8427C-CDDE-4B2F-9CB8-41B9137660E4 (string)

vulnerable : true (boolean)

}

30 : { »

criteria : cpe:2.3:o:juniper:junos:20.3:r2-s1:*:*:*:*:*:* (string)

matchCriteriaId : F3DC01F2-6DFE-4A8E-9962-5E59AA965935 (string)

vulnerable : true (boolean)

}

31 : { »

criteria : cpe:2.3:o:juniper:junos:20.3:r3:*:*:*:*:*:* (string)

matchCriteriaId : 7DA0E196-925E-4056-B411-E158702D5D4F (string)

vulnerable : true (boolean)

}

32 : { »

criteria : cpe:2.3:o:juniper:junos:20.3:r3-s1:*:*:*:*:*:* (string)

matchCriteriaId : E33A522F-E35C-4473-9CBD-9C6E5A831086 (string)

vulnerable : true (boolean)

}

33 : { »

criteria : cpe:2.3:o:juniper:junos:20.3:r3-s2:*:*:*:*:*:* (string)

matchCriteriaId : E9AE26EB-699B-4B10-87E2-9E731B820F32 (string)

vulnerable : true (boolean)

}

34 : { »

criteria : cpe:2.3:o:juniper:junos:20.3:r3-s3:*:*:*:*:*:* (string)

matchCriteriaId : A29E0070-47E9-43DD-9303-C732FE8CC851 (string)

vulnerable : true (boolean)

}

35 : { »

criteria : cpe:2.3:o:juniper:junos:20.4:-:*:*:*:*:*:* (string)

matchCriteriaId : 3D361B23-A3C2-444B-BEB8-E231DA950567 (string)

vulnerable : true (boolean)

}

36 : { »

criteria : cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:* (string)

matchCriteriaId : 20DDC6B7-BFC4-4F0B-8E68-442C23765BF2 (string)

vulnerable : true (boolean)

}

37 : { »

criteria : cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:* (string)

matchCriteriaId : 037BA01C-3F5C-4503-A633-71765E9EF774 (string)

vulnerable : true (boolean)

}

38 : { »

criteria : cpe:2.3:o:juniper:junos:20.4:r2:*:*:*:*:*:* (string)

matchCriteriaId : C54B047C-4B38-40C0-9855-067DCF7E48BD (string)

vulnerable : true (boolean)

}

39 : { »

criteria : cpe:2.3:o:juniper:junos:20.4:r2-s1:*:*:*:*:*:* (string)

matchCriteriaId : 38984199-E332-4A9C-A4C0-78083D052E15 (string)

vulnerable : true (boolean)

}

40 : { »

criteria : cpe:2.3:o:juniper:junos:20.4:r2-s2:*:*:*:*:*:* (string)

matchCriteriaId : AA6526FB-2941-4D18-9B2E-472AD5A62A53 (string)

vulnerable : true (boolean)

}

41 : { »

criteria : cpe:2.3:o:juniper:junos:21.1:-:*:*:*:*:*:* (string)

matchCriteriaId : 6FDB5B7D-FB37-47E3-8678-B9ED578CCA5F (string)

vulnerable : true (boolean)

}

42 : { »

criteria : cpe:2.3:o:juniper:junos:21.1:r1:*:*:*:*:*:* (string)

matchCriteriaId : 625BA7E6-D2AD-4A48-9B94-24328BE5B06A (string)

vulnerable : true (boolean)

}

43 : { »

criteria : cpe:2.3:o:juniper:junos:21.1:r1-s1:*:*:*:*:*:* (string)

matchCriteriaId : F462F4E3-762C-429F-8D25-5521100DD37C (string)

vulnerable : true (boolean)

}

44 : { »

criteria : cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:* (string)

matchCriteriaId : 216E7DDE-453D-481F-92E2-9F8466CDDA3F (string)

vulnerable : true (boolean)

}

45 : { »

criteria : cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:* (string)

matchCriteriaId : A52AF794-B36B-43A6-82E9-628658624B0A (string)

vulnerable : true (boolean)

}

46 : { »

criteria : cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:* (string)

matchCriteriaId : 3998DC76-F72F-4452-9150-652140B113EB (string)

vulnerable : true (boolean)

}

47 : { »

criteria : cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:* (string)

matchCriteriaId : 36ED4552-2420-45F9-B6E4-6DA2B2B12870 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:juniper:mx10:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 52699E2B-450A-431C-81E3-DC4483C8B4F2 (string)

vulnerable : false (boolean)

}

1 : { »

criteria : cpe:2.3:h:juniper:mx10000:-:*:*:*:*:*:*:* (string)

matchCriteriaId : D97AF6F8-3D50-4D35-BCB1-54E3BEC69B9F (string)

vulnerable : false (boolean)

}

2 : { »

criteria : cpe:2.3:h:juniper:mx10003:-:*:*:*:*:*:*:* (string)

matchCriteriaId : D5627740-42E3-4FB1-B8B9-0B768AFFA1EC (string)

vulnerable : false (boolean)

}

3 : { »

criteria : cpe:2.3:h:juniper:mx10008:-:*:*:*:*:*:*:* (string)

matchCriteriaId : D6F0EA2F-BF7E-45D0-B2B4-8A7B67A9475A (string)

vulnerable : false (boolean)

}

4 : { »

criteria : cpe:2.3:h:juniper:mx10016:-:*:*:*:*:*:*:* (string)

matchCriteriaId : C39DA74D-F5C7-4C11-857D-50631A110644 (string)

vulnerable : false (boolean)

}

5 : { »

criteria : cpe:2.3:h:juniper:mx104:-:*:*:*:*:*:*:* (string)

matchCriteriaId : F72C850A-0530-4DB7-A553-7E19F82122B5 (string)

vulnerable : false (boolean)

}

6 : { »

criteria : cpe:2.3:h:juniper:mx150:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 7FE2089C-F341-4DC1-B76D-633BC699306D (string)

vulnerable : false (boolean)

}

7 : { »

criteria : cpe:2.3:h:juniper:mx2008:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 2FEF33EB-B2E0-42EF-A1BB-D41021B6D08F (string)

vulnerable : false (boolean)

}

8 : { »

criteria : cpe:2.3:h:juniper:mx2010:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 27175D9A-CA2C-4218-8042-835E25DFCA43 (string)

vulnerable : false (boolean)

}

9 : { »

criteria : cpe:2.3:h:juniper:mx2020:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 00C7FC57-8ACF-45AA-A227-7E3B350FD24F (string)

vulnerable : false (boolean)

}

10 : { »

criteria : cpe:2.3:h:juniper:mx204:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 2754C2DF-DF6E-4109-9463-38B4E0465B77 (string)

vulnerable : false (boolean)

}

11 : { »

criteria : cpe:2.3:h:juniper:mx240:-:*:*:*:*:*:*:* (string)

matchCriteriaId : F4A26704-A6A4-4C4F-9E12-A0A0259491EF (string)

vulnerable : false (boolean)

}

12 : { »

criteria : cpe:2.3:h:juniper:mx40:-:*:*:*:*:*:*:* (string)

matchCriteriaId : C982A2FF-A1F9-4830-BAB6-77CFCE1F093F (string)

vulnerable : false (boolean)

}

13 : { »

criteria : cpe:2.3:h:juniper:mx480:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 104858BD-D31D-40E0-8524-2EC311F10EAC (string)

vulnerable : false (boolean)

}

14 : { »

criteria : cpe:2.3:h:juniper:mx5:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 3B557965-0040-4048-B56C-F564FF28635B (string)

vulnerable : false (boolean)

}

15 : { »

criteria : cpe:2.3:h:juniper:mx80:-:*:*:*:*:*:*:* (string)

matchCriteriaId : EB875EBD-A3CD-4466-B2A3-39D47FF94592 (string)

vulnerable : false (boolean)

}

16 : { »

criteria : cpe:2.3:h:juniper:mx960:-:*:*:*:*:*:*:* (string)

matchCriteriaId : B5E08E1E-0FE4-4294-9497-BBFFECA2A220 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : A Use After Free vulnerability in the Advanced Forwarding Toolkit (AFT) manager process (aftmand) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause a kernel crash due to intensive polling of Abstracted Fabric (AF) interface statistics and thereby a Denial of Service (DoS). Continued gathering of AF interface statistics will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS on MX Series: 20.1 versions later than 20.1R1; 20.2 versions prior to 20.2R3-S5; 20.3 versions prior to 20.3R3-S4; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2; 21.2 versions prior to 21.2R2. (string)

}

1 : { »

lang : es (string)

value : Una vulnerabilidad de Uso de Memoria Previamente Liberada en el proceso de administración de Advanced Forwarding Toolkit (AFT) (aftmand) de Juniper Networks Junos OS permite a un atacante no autenticado en red causar un bloqueo del kernel debido al sondeo intensivo de las estadísticas de la interfaz de Abstracted Fabric (AF) y, por tanto, una Denegación de Servicio (DoS). La recopilación continuada de estadísticas de la interfaz AF creará una condición de Denegación de Servicio (DoS) sostenida. Este problema afecta a Juniper Networks Junos OS en la serie MX: versiones 20.1 posteriores a 20.1R1; versiones 20.2 anteriores a 20.2R3-S5; versiones 20.3 anteriores a 20.3R3-S4; versiones 20.4 anteriores a 20.4R3; versiones 21.1 anteriores a 21.1R2; versiones 21.2 anteriores a 21.2R2 (string)

}

]

id : CVE-2022-22207 (string)

lastModified : 2024-11-21T06:46:23.577 (string)

metrics : { »

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : HIGH (string)

baseScore : 7.5 (number)

baseSeverity : HIGH (string)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 3.9 (number)

impactScore : 3.6 (number)

source : sirt@juniper.net (string)

type : Secondary (string)

}

1 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : HIGH (string)

baseScore : 7.5 (number)

baseSeverity : HIGH (string)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 3.9 (number)

impactScore : 3.6 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2022-07-20T15:15:08.580 (string)

references : [ »

0 : { »

source : sirt@juniper.net (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://kb.juniper.net/JSA69711 (string)

}

1 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://kb.juniper.net/JSA69711 (string)

}

]

sourceIdentifier : sirt@juniper.net (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-416 (string)

}

]

source : sirt@juniper.net (string)

type : Secondary (string)

}

]

}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object