CVE-2022-22191
14.04.2022, 16:15
A Denial of Service (DoS) vulnerability in the processing of a flood of specific ARP traffic in Juniper Networks Junos OS on the EX4300 switch, sent from the local broadcast domain, may allow an unauthenticated network-adjacent attacker to trigger a PFEMAN watchdog timeout, causing the Packet Forwarding Engine (PFE) to crash and restart. After the restart, transit traffic will be temporarily interrupted until the PFE is reprogrammed. In a virtual chassis (VC), the impacted Flexible PIC Concentrator (FPC) may split from the VC temporarily, and join back into the VC once the PFE restarts. Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS on the EX4300: All versions prior to 15.1R7-S12; 18.4 versions prior to 18.4R2-S10, 18.4R3-S11; 19.1 versions prior to 19.1R3-S8; 19.2 versions prior to 19.2R1-S9, 19.2R3-S4; 19.3 versions prior to 19.3R3-S5; 19.4 versions prior to 19.4R2-S6, 19.4R3-S7; 20.1 versions prior to 20.1R3-S3; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S2; 20.4 versions prior to 20.4R3-S1; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R2-S1, 21.2R3; 21.3 versions prior to 21.3R1-S2, 21.3R2.Enginsight
| Vendor | Product | Version |
|---|---|---|
| juniper | junos | 𝑥 < 15.1 |
| juniper | junos | 15.1 |
| juniper | junos | 15.1:a1 |
| juniper | junos | 15.1:f |
| juniper | junos | 15.1:f1 |
| juniper | junos | 15.1:f2 |
| juniper | junos | 15.1:f2-s1 |
| juniper | junos | 15.1:f2-s2 |
| juniper | junos | 15.1:f2-s3 |
| juniper | junos | 15.1:f2-s4 |
| juniper | junos | 15.1:f3 |
| juniper | junos | 15.1:f4 |
| juniper | junos | 15.1:f5 |
| juniper | junos | 15.1:f5-s7 |
| juniper | junos | 15.1:f6 |
| juniper | junos | 15.1:f6-s1 |
| juniper | junos | 15.1:f6-s10 |
| juniper | junos | 15.1:f6-s12 |
| juniper | junos | 15.1:f6-s2 |
| juniper | junos | 15.1:f6-s3 |
| juniper | junos | 15.1:f6-s4 |
| juniper | junos | 15.1:f6-s5 |
| juniper | junos | 15.1:f6-s6 |
| juniper | junos | 15.1:f6-s7 |
| juniper | junos | 15.1:f6-s8 |
| juniper | junos | 15.1:f6-s9 |
| juniper | junos | 15.1:f7 |
| juniper | junos | 15.1:r |
| juniper | junos | 15.1:r1 |
| juniper | junos | 15.1:r2 |
| juniper | junos | 15.1:r3 |
| juniper | junos | 15.1:r4 |
| juniper | junos | 15.1:r4-s7 |
| juniper | junos | 15.1:r4-s8 |
| juniper | junos | 15.1:r4-s9 |
| juniper | junos | 15.1:r5 |
| juniper | junos | 15.1:r5-s1 |
| juniper | junos | 15.1:r5-s3 |
| juniper | junos | 15.1:r5-s5 |
| juniper | junos | 15.1:r5-s6 |
| juniper | junos | 15.1:r6 |
| juniper | junos | 15.1:r6-s1 |
| juniper | junos | 15.1:r6-s2 |
| juniper | junos | 15.1:r6-s3 |
| juniper | junos | 15.1:r6-s4 |
| juniper | junos | 15.1:r6-s6 |
| juniper | junos | 15.1:r7 |
| juniper | junos | 15.1:r7-s1 |
| juniper | junos | 15.1:r7-s10 |
| juniper | junos | 15.1:r7-s11 |
| juniper | junos | 15.1:r7-s2 |
| juniper | junos | 15.1:r7-s3 |
| juniper | junos | 15.1:r7-s4 |
| juniper | junos | 15.1:r7-s5 |
| juniper | junos | 15.1:r7-s6 |
| juniper | junos | 15.1:r7-s7 |
| juniper | junos | 15.1:r7-s8 |
| juniper | junos | 15.1:r7-s9 |
| juniper | junos | 18.4 |
| juniper | junos | 18.4:r1 |
| juniper | junos | 18.4:r1-s1 |
| juniper | junos | 18.4:r1-s2 |
| juniper | junos | 18.4:r1-s3 |
| juniper | junos | 18.4:r1-s4 |
| juniper | junos | 18.4:r1-s5 |
| juniper | junos | 18.4:r1-s6 |
| juniper | junos | 18.4:r1-s7 |
| juniper | junos | 18.4:r2 |
| juniper | junos | 18.4:r2-s1 |
| juniper | junos | 18.4:r2-s2 |
| juniper | junos | 18.4:r2-s3 |
| juniper | junos | 18.4:r2-s4 |
| juniper | junos | 18.4:r2-s5 |
| juniper | junos | 18.4:r2-s6 |
| juniper | junos | 18.4:r2-s7 |
| juniper | junos | 18.4:r2-s8 |
| juniper | junos | 18.4:r2-s9 |
| juniper | junos | 18.4:r3 |
| juniper | junos | 18.4:r3-s1 |
| juniper | junos | 18.4:r3-s10 |
| juniper | junos | 18.4:r3-s2 |
| juniper | junos | 18.4:r3-s3 |
| juniper | junos | 18.4:r3-s4 |
| juniper | junos | 18.4:r3-s5 |
| juniper | junos | 18.4:r3-s6 |
| juniper | junos | 18.4:r3-s7 |
| juniper | junos | 18.4:r3-s8 |
| juniper | junos | 18.4:r3-s9 |
| juniper | junos | 19.1 |
| juniper | junos | 19.1:r1 |
| juniper | junos | 19.1:r1-s1 |
| juniper | junos | 19.1:r1-s2 |
| juniper | junos | 19.1:r1-s3 |
| juniper | junos | 19.1:r1-s4 |
| juniper | junos | 19.1:r1-s5 |
| juniper | junos | 19.1:r1-s6 |
| juniper | junos | 19.1:r2 |
| juniper | junos | 19.1:r2-s1 |
| juniper | junos | 19.1:r2-s2 |
| juniper | junos | 19.1:r2-s3 |
| juniper | junos | 19.1:r3 |
| juniper | junos | 19.1:r3-s1 |
| juniper | junos | 19.1:r3-s2 |
| juniper | junos | 19.1:r3-s3 |
| juniper | junos | 19.1:r3-s4 |
| juniper | junos | 19.1:r3-s5 |
| juniper | junos | 19.1:r3-s6 |
| juniper | junos | 19.1:r3-s7 |
| juniper | junos | 19.2 |
| juniper | junos | 19.2:r1 |
| juniper | junos | 19.2:r1-s1 |
| juniper | junos | 19.2:r1-s2 |
| juniper | junos | 19.2:r1-s3 |
| juniper | junos | 19.2:r1-s4 |
| juniper | junos | 19.2:r1-s5 |
| juniper | junos | 19.2:r1-s6 |
| juniper | junos | 19.2:r1-s7 |
| juniper | junos | 19.2:r1-s8 |
| juniper | junos | 19.2:r2 |
| juniper | junos | 19.2:r2-s1 |
| juniper | junos | 19.2:r3 |
| juniper | junos | 19.2:r3-s1 |
| juniper | junos | 19.2:r3-s2 |
| juniper | junos | 19.2:r3-s3 |
| juniper | junos | 19.3 |
| juniper | junos | 19.3:r1 |
| juniper | junos | 19.3:r1-s1 |
| juniper | junos | 19.3:r2 |
| juniper | junos | 19.3:r2-s1 |
| juniper | junos | 19.3:r2-s2 |
| juniper | junos | 19.3:r2-s3 |
| juniper | junos | 19.3:r2-s4 |
| juniper | junos | 19.3:r2-s5 |
| juniper | junos | 19.3:r2-s6 |
| juniper | junos | 19.3:r3 |
| juniper | junos | 19.3:r3-s1 |
| juniper | junos | 19.3:r3-s2 |
| juniper | junos | 19.3:r3-s3 |
| juniper | junos | 19.3:r3-s4 |
| juniper | junos | 19.4 |
| juniper | junos | 19.4:r1 |
| juniper | junos | 19.4:r1-s1 |
| juniper | junos | 19.4:r1-s2 |
| juniper | junos | 19.4:r1-s3 |
| juniper | junos | 19.4:r1-s4 |
| juniper | junos | 19.4:r2 |
| juniper | junos | 19.4:r2-s1 |
| juniper | junos | 19.4:r2-s2 |
| juniper | junos | 19.4:r2-s3 |
| juniper | junos | 19.4:r2-s4 |
| juniper | junos | 19.4:r2-s5 |
| juniper | junos | 19.4:r3 |
| juniper | junos | 19.4:r3-s1 |
| juniper | junos | 19.4:r3-s2 |
| juniper | junos | 19.4:r3-s3 |
| juniper | junos | 19.4:r3-s4 |
| juniper | junos | 19.4:r3-s5 |
| juniper | junos | 19.4:r3-s6 |
| juniper | junos | 20.1 |
| juniper | junos | 20.1:r1 |
| juniper | junos | 20.1:r1-s1 |
| juniper | junos | 20.1:r1-s2 |
| juniper | junos | 20.1:r1-s3 |
| juniper | junos | 20.1:r1-s4 |
| juniper | junos | 20.1:r2 |
| juniper | junos | 20.1:r2-s1 |
| juniper | junos | 20.1:r2-s2 |
| juniper | junos | 20.1:r3 |
| juniper | junos | 20.1:r3-s1 |
| juniper | junos | 20.1:r3-s2 |
| juniper | junos | 20.2 |
| juniper | junos | 20.2:r1 |
| juniper | junos | 20.2:r1-s1 |
| juniper | junos | 20.2:r1-s2 |
| juniper | junos | 20.2:r1-s3 |
| juniper | junos | 20.2:r2 |
| juniper | junos | 20.2:r2-s1 |
| juniper | junos | 20.2:r2-s2 |
| juniper | junos | 20.2:r2-s3 |
| juniper | junos | 20.2:r3 |
| juniper | junos | 20.2:r3-s1 |
| juniper | junos | 20.2:r3-s2 |
| juniper | junos | 20.3 |
| juniper | junos | 20.3:r1 |
| juniper | junos | 20.3:r1-s1 |
| juniper | junos | 20.3:r2 |
| juniper | junos | 20.3:r2-s1 |
| juniper | junos | 20.3:r3 |
| juniper | junos | 20.3:r3-s1 |
| juniper | junos | 20.4 |
| juniper | junos | 20.4:r1 |
| juniper | junos | 20.4:r1-s1 |
| juniper | junos | 20.4:r2 |
| juniper | junos | 20.4:r2-s1 |
| juniper | junos | 20.4:r2-s2 |
| juniper | junos | 20.4:r3 |
| juniper | junos | 21.1 |
| juniper | junos | 21.1:r1 |
| juniper | junos | 21.1:r1-s1 |
| juniper | junos | 21.1:r2 |
| juniper | junos | 21.1:r2-s1 |
| juniper | junos | 21.1:r2-s2 |
| juniper | junos | 21.2:r1 |
| juniper | junos | 21.2:r1-s1 |
| juniper | junos | 21.2:r1-s2 |
| juniper | junos | 21.2:r2 |
| juniper | junos | 21.3:r1 |
| juniper | junos | 21.3:r1-s1 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-410 - Insufficient Resource PoolThe software's resource pool is not large enough to handle peak demand, which allows an attacker to prevent others from accessing the resource by using a (relatively) large number of requests for resources.
- CWE-400 - Uncontrolled Resource ConsumptionThe software does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.