6.5

CVE-2022-22155

An Uncontrolled Resource Consumption vulnerability in the handling of IPv6 neighbor state change events in Juniper Networks Junos OS allows an adjacent attacker to cause a memory leak in the Flexible PIC Concentrator (FPC) of an ACX5448 router. The continuous flapping of an IPv6 neighbor with specific timing will cause the FPC to run out of resources, leading to a Denial of Service (DoS) condition. Once the condition occurs, further packet processing will be impacted, creating a sustained Denial of Service (DoS) condition, requiring a manual PFE restart to restore service. The following error messages will be seen after the FPC resources have been exhausted: fpc0 DNX_NH::dnx_nh_tag_ipv4_hw_install(),3135: dnx_nh_tag_ipv4_hw_install: BCM L3 Egress create object failed for NH 602 (-14:No resources for operation), BCM NH Params: unit:0 Port:41, L3_INTF:0 Flags: 0x40 fpc0 DNX_NH::dnx_nh_tag_ipv4_hw_install(),3135: dnx_nh_tag_ipv4_hw_install: BCM L3 Egress create object failed for NH 602 (-14:No resources for operation), BCM NH Params: unit:0 Port:41, L3_INTF:0 Flags: 0x40 fpc0 DNX_NH::dnx_nh_tag_ipv4_hw_install(),3135: dnx_nh_tag_ipv4_hw_install: BCM L3 Egress create object failed for NH 602 (-14:No resources for operation), BCM NH Params: unit:0 Port:41, L3_INTF:0 Flags: 0x40 fpc0 DNX_NH::dnx_nh_tag_ipv4_hw_install(),3135: dnx_nh_tag_ipv4_hw_install: BCM L3 Egress create object failed for NH 602 (-14:No resources for operation), BCM NH Params: unit:0 Port:41, L3_INTF:0 Flags: 0x40 This issue only affects the ACX5448 router. No other products or platforms are affected by this vulnerability. This issue affects Juniper Networks Junos OS on ACX5448: 18.4 versions prior to 18.4R3-S10; 19.1 versions prior to 19.1R3-S5; 19.2 versions prior to 19.2R1-S8, 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R1-S3, 19.4R2-S2, 19.4R3; 20.1 versions prior to 20.1R2; 20.2 versions prior to 20.2R1-S1, 20.2R2.

Data is provided by the National Vulnerability Database (NVD)
JuniperJunos Version18.4 Update-
   JuniperAcx5448 Version-
JuniperJunos Version18.4 Updater1
   JuniperAcx5448 Version-
JuniperJunos Version18.4 Updater1-s1
   JuniperAcx5448 Version-
JuniperJunos Version18.4 Updater1-s2
   JuniperAcx5448 Version-
JuniperJunos Version18.4 Updater1-s3
   JuniperAcx5448 Version-
JuniperJunos Version18.4 Updater1-s4
   JuniperAcx5448 Version-
JuniperJunos Version18.4 Updater1-s5
   JuniperAcx5448 Version-
JuniperJunos Version18.4 Updater1-s6
   JuniperAcx5448 Version-
JuniperJunos Version18.4 Updater1-s7
   JuniperAcx5448 Version-
JuniperJunos Version18.4 Updater2
   JuniperAcx5448 Version-
JuniperJunos Version18.4 Updater2-s1
   JuniperAcx5448 Version-
JuniperJunos Version18.4 Updater2-s2
   JuniperAcx5448 Version-
JuniperJunos Version18.4 Updater2-s3
   JuniperAcx5448 Version-
JuniperJunos Version18.4 Updater2-s4
   JuniperAcx5448 Version-
JuniperJunos Version18.4 Updater2-s5
   JuniperAcx5448 Version-
JuniperJunos Version18.4 Updater2-s6
   JuniperAcx5448 Version-
JuniperJunos Version18.4 Updater2-s7
   JuniperAcx5448 Version-
JuniperJunos Version18.4 Updater2-s8
   JuniperAcx5448 Version-
JuniperJunos Version18.4 Updater3
   JuniperAcx5448 Version-
JuniperJunos Version18.4 Updater3-s1
   JuniperAcx5448 Version-
JuniperJunos Version18.4 Updater3-s2
   JuniperAcx5448 Version-
JuniperJunos Version18.4 Updater3-s3
   JuniperAcx5448 Version-
JuniperJunos Version18.4 Updater3-s4
   JuniperAcx5448 Version-
JuniperJunos Version18.4 Updater3-s5
   JuniperAcx5448 Version-
JuniperJunos Version18.4 Updater3-s6
   JuniperAcx5448 Version-
JuniperJunos Version18.4 Updater3-s7
   JuniperAcx5448 Version-
JuniperJunos Version18.4 Updater3-s8
   JuniperAcx5448 Version-
JuniperJunos Version18.4 Updater3-s9
   JuniperAcx5448 Version-
JuniperJunos Version19.1 Update-
   JuniperAcx5448 Version-
JuniperJunos Version19.1 Updater1
   JuniperAcx5448 Version-
JuniperJunos Version19.1 Updater1-s1
   JuniperAcx5448 Version-
JuniperJunos Version19.1 Updater1-s2
   JuniperAcx5448 Version-
JuniperJunos Version19.1 Updater1-s3
   JuniperAcx5448 Version-
JuniperJunos Version19.1 Updater1-s4
   JuniperAcx5448 Version-
JuniperJunos Version19.1 Updater1-s5
   JuniperAcx5448 Version-
JuniperJunos Version19.1 Updater1-s6
   JuniperAcx5448 Version-
JuniperJunos Version19.1 Updater2
   JuniperAcx5448 Version-
JuniperJunos Version19.1 Updater2-s1
   JuniperAcx5448 Version-
JuniperJunos Version19.1 Updater2-s2
   JuniperAcx5448 Version-
JuniperJunos Version19.1 Updater2-s3
   JuniperAcx5448 Version-
JuniperJunos Version19.1 Updater3
   JuniperAcx5448 Version-
JuniperJunos Version19.1 Updater3-s1
   JuniperAcx5448 Version-
JuniperJunos Version19.1 Updater3-s2
   JuniperAcx5448 Version-
JuniperJunos Version19.1 Updater3-s3
   JuniperAcx5448 Version-
JuniperJunos Version19.1 Updater3-s4
   JuniperAcx5448 Version-
JuniperJunos Version19.2 Update-
   JuniperAcx5448 Version-
JuniperJunos Version19.2 Updater1
   JuniperAcx5448 Version-
JuniperJunos Version19.2 Updater1-s1
   JuniperAcx5448 Version-
JuniperJunos Version19.2 Updater1-s2
   JuniperAcx5448 Version-
JuniperJunos Version19.2 Updater1-s3
   JuniperAcx5448 Version-
JuniperJunos Version19.2 Updater1-s4
   JuniperAcx5448 Version-
JuniperJunos Version19.2 Updater1-s5
   JuniperAcx5448 Version-
JuniperJunos Version19.2 Updater1-s6
   JuniperAcx5448 Version-
JuniperJunos Version19.2 Updater1-s7
   JuniperAcx5448 Version-
JuniperJunos Version19.2 Updater2
   JuniperAcx5448 Version-
JuniperJunos Version19.2 Updater2-s1
   JuniperAcx5448 Version-
JuniperJunos Version19.2 Updater3
   JuniperAcx5448 Version-
JuniperJunos Version19.2 Updater3-s1
   JuniperAcx5448 Version-
JuniperJunos Version19.3 Update-
   JuniperAcx5448 Version-
JuniperJunos Version19.3 Updater1
   JuniperAcx5448 Version-
JuniperJunos Version19.3 Updater1-s1
   JuniperAcx5448 Version-
JuniperJunos Version19.3 Updater2
   JuniperAcx5448 Version-
JuniperJunos Version19.3 Updater2-s1
   JuniperAcx5448 Version-
JuniperJunos Version19.3 Updater2-s2
   JuniperAcx5448 Version-
JuniperJunos Version19.3 Updater2-s3
   JuniperAcx5448 Version-
JuniperJunos Version19.3 Updater2-s4
   JuniperAcx5448 Version-
JuniperJunos Version19.3 Updater2-s5
   JuniperAcx5448 Version-
JuniperJunos Version19.3 Updater3
   JuniperAcx5448 Version-
JuniperJunos Version19.3 Updater3-s1
   JuniperAcx5448 Version-
JuniperJunos Version19.4 Updater1
   JuniperAcx5448 Version-
JuniperJunos Version19.4 Updater1-s1
   JuniperAcx5448 Version-
JuniperJunos Version19.4 Updater1-s2
   JuniperAcx5448 Version-
JuniperJunos Version19.4 Updater2
   JuniperAcx5448 Version-
JuniperJunos Version19.4 Updater2-s1
   JuniperAcx5448 Version-
JuniperJunos Version20.1 Updater1
   JuniperAcx5448 Version-
JuniperJunos Version20.1 Updater1-s1
   JuniperAcx5448 Version-
JuniperJunos Version20.1 Updater1-s2
   JuniperAcx5448 Version-
JuniperJunos Version20.1 Updater1-s3
   JuniperAcx5448 Version-
JuniperJunos Version20.1 Updater1-s4
   JuniperAcx5448 Version-
JuniperJunos Version20.2 Updater1
   JuniperAcx5448 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.2% 0.386
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 6.5 2.8 3.6
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 3.3 6.5 2.9
AV:A/AC:L/Au:N/C:N/I:N/A:P
sirt@juniper.net 6.5 2.8 3.6
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-400 Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.

CWE-772 Missing Release of Resource after Effective Lifetime

The product does not release a resource after its effective lifetime has ended, i.e., after the resource is no longer needed.