CVE-2022-22201
18.10.2022, 03:15
An Improper Validation of Specified Index, Position, or Offset in Input vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated network-based attacker to cause a Denial of Service (DoS). On SRX5000 Series with SPC3, SRX4000 Series, and vSRX, when PowerMode IPsec is configured and a malformed ESP packet matching an established IPsec tunnel is received the PFE crashes. This issue affects Juniper Networks Junos OS on SRX5000 Series with SPC3, SRX4000 Series, and vSRX: All versions prior to 19.4R2-S6, 19.4R3-S7; 20.1 versions prior to 20.1R3-S3; 20.2 versions prior to 20.2R3-S4; 20.3 versions prior to 20.3R3-S3; 20.4 versions prior to 20.4R3-S2; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R3; 21.3 versions prior to 21.3R1-S2, 21.3R2.Enginsight
| Vendor | Product | Version |
|---|---|---|
| juniper | junos | 𝑥 < 19.4 |
| juniper | junos | 19.4 |
| juniper | junos | 19.4:r1 |
| juniper | junos | 19.4:r1-s1 |
| juniper | junos | 19.4:r1-s2 |
| juniper | junos | 19.4:r1-s3 |
| juniper | junos | 19.4:r1-s4 |
| juniper | junos | 19.4:r2 |
| juniper | junos | 19.4:r2-s1 |
| juniper | junos | 19.4:r2-s2 |
| juniper | junos | 19.4:r2-s3 |
| juniper | junos | 19.4:r2-s4 |
| juniper | junos | 19.4:r2-s5 |
| juniper | junos | 19.4:r3-s7 |
| juniper | junos | 20.1 |
| juniper | junos | 20.1:r1 |
| juniper | junos | 20.1:r1-s1 |
| juniper | junos | 20.1:r1-s2 |
| juniper | junos | 20.1:r1-s3 |
| juniper | junos | 20.1:r1-s4 |
| juniper | junos | 20.1:r2 |
| juniper | junos | 20.1:r2-s1 |
| juniper | junos | 20.1:r2-s2 |
| juniper | junos | 20.1:r3 |
| juniper | junos | 20.1:r3-s1 |
| juniper | junos | 20.1:r3-s2 |
| juniper | junos | 20.2 |
| juniper | junos | 20.2:r1 |
| juniper | junos | 20.2:r1-s1 |
| juniper | junos | 20.2:r1-s2 |
| juniper | junos | 20.2:r1-s3 |
| juniper | junos | 20.2:r2 |
| juniper | junos | 20.2:r2-s1 |
| juniper | junos | 20.2:r2-s2 |
| juniper | junos | 20.2:r2-s3 |
| juniper | junos | 20.2:r3 |
| juniper | junos | 20.2:r3-s1 |
| juniper | junos | 20.2:r3-s2 |
| juniper | junos | 20.2:r3-s3 |
| juniper | junos | 20.3 |
| juniper | junos | 20.3:r1 |
| juniper | junos | 20.3:r1-s1 |
| juniper | junos | 20.3:r1-s2 |
| juniper | junos | 20.3:r2 |
| juniper | junos | 20.3:r2-s1 |
| juniper | junos | 20.3:r3 |
| juniper | junos | 20.3:r3-s1 |
| juniper | junos | 20.3:r3-s2 |
| juniper | junos | 20.4 |
| juniper | junos | 20.4:r1 |
| juniper | junos | 20.4:r1-s1 |
| juniper | junos | 20.4:r2 |
| juniper | junos | 20.4:r2-s1 |
| juniper | junos | 20.4:r2-s2 |
| juniper | junos | 20.4:r3 |
| juniper | junos | 20.4:r3-s1 |
| juniper | junos | 21.1 |
| juniper | junos | 21.1:r1 |
| juniper | junos | 21.1:r1-s1 |
| juniper | junos | 21.1:r2 |
| juniper | junos | 21.1:r2-s1 |
| juniper | junos | 21.1:r2-s2 |
| juniper | junos | 21.2 |
| juniper | junos | 21.2:r1 |
| juniper | junos | 21.2:r1-s1 |
| juniper | junos | 21.2:r1-s2 |
| juniper | junos | 21.2:r2 |
| juniper | junos | 21.3:r1 |
| juniper | junos | 21.3:r1-s1 |
| juniper | junos | 21.3:r2 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-1285 - Improper Validation of Specified Index, Position, or Offset in InputThe product receives input that is expected to specify an index, position, or offset into an indexable resource such as a buffer or file, but it does not validate or incorrectly validates that the specified index/position/offset has the required properties.
- CWE-20 - Improper Input ValidationThe product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.