5.9

CVE-2022-22169

An Improper Initialization vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an attacker who sends specific packets in certain orders and at specific timings to force OSPFv3 to unexpectedly enter graceful-restart (GR helper mode) even though there is not any Grace-LSA received in OSPFv3 causing a Denial of Service (DoS). Unexpectedly entering GR helper mode might cause the OSPFv3 neighbor adjacency formed on this interface to be stuck in the "INIT" state which can be observed by issuing the following command: user@device> show ospf3 neighbor ID Interface State xx.xx.xx.xx ae100.0 Init <<<<<<<<<< An indicator of compromise can be seen in log files when traceoptions for OSPFv3 are enabled before the issue occurs. These logfile messages are as follows: OSPF restart signaling: Received hello with LR bit set from nbr ip=xx::xx id=xx.xx.xx.xx. Set oob-resync capabilty 1. OSPF Restart Signaling: Start helper mode for nbr ip xx::xx id xx.xx.xx.xx OSPF restart signaling: abort helper mode for nbr ip=xx::xx id=xx.xx.xx.xx OSPF neighbor xx::xx (realm ipv6-unicast <interface.unit> area xx.xx.xx.xx) state changed from Full to Init due to 1WayRcvd (event reason: neighbor is in one-way mode) (nbr helped: 0) This issue affects: Juniper Networks Junos OS. 15.1 versions prior to 15.1R7-S11; 18.3 versions prior to 18.3R3-S6; 18.4 versions prior to 18.4R2-S9, 18.4R3-S10; 19.1 versions prior to 19.1R2-S3, 19.1R3-S7; 19.2 versions prior to 19.2R1-S7, 19.2R3-S4; 19.3 versions prior to 19.3R2-S7, 19.3R3-S4; 19.4 versions prior to 19.4R3-S6; 20.1 versions prior to 20.1R3-S1; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R2-S2, 20.4R3; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R1-S1, 21.2R2. This issue does not affect any version of Juniper Networks Junos OS 12.3. This issue affects Juniper Networks Junos OS Evolved all versions prior to 21.2R2-EVO.

Data is provided by the National Vulnerability Database (NVD)
JuniperJunos Version15.1 Update-
JuniperJunos Version15.1 Updatea1
JuniperJunos Version15.1 Updatef
JuniperJunos Version15.1 Updatef1
JuniperJunos Version15.1 Updatef2
JuniperJunos Version15.1 Updatef2-s1
JuniperJunos Version15.1 Updatef2-s2
JuniperJunos Version15.1 Updatef2-s3
JuniperJunos Version15.1 Updatef2-s4
JuniperJunos Version15.1 Updatef3
JuniperJunos Version15.1 Updatef4
JuniperJunos Version15.1 Updatef5
JuniperJunos Version15.1 Updatef5-s7
JuniperJunos Version15.1 Updatef6
JuniperJunos Version15.1 Updatef6-s1
JuniperJunos Version15.1 Updatef6-s10
JuniperJunos Version15.1 Updatef6-s12
JuniperJunos Version15.1 Updatef6-s2
JuniperJunos Version15.1 Updatef6-s3
JuniperJunos Version15.1 Updatef6-s4
JuniperJunos Version15.1 Updatef6-s5
JuniperJunos Version15.1 Updatef6-s6
JuniperJunos Version15.1 Updatef6-s7
JuniperJunos Version15.1 Updatef6-s8
JuniperJunos Version15.1 Updatef6-s9
JuniperJunos Version15.1 Updatef7
JuniperJunos Version15.1 Updater
JuniperJunos Version15.1 Updater1
JuniperJunos Version15.1 Updater2
JuniperJunos Version15.1 Updater3
JuniperJunos Version15.1 Updater4
JuniperJunos Version15.1 Updater4-s7
JuniperJunos Version15.1 Updater4-s8
JuniperJunos Version15.1 Updater4-s9
JuniperJunos Version15.1 Updater5
JuniperJunos Version15.1 Updater5-s1
JuniperJunos Version15.1 Updater5-s3
JuniperJunos Version15.1 Updater5-s5
JuniperJunos Version15.1 Updater5-s6
JuniperJunos Version15.1 Updater6
JuniperJunos Version15.1 Updater6-s1
JuniperJunos Version15.1 Updater6-s2
JuniperJunos Version15.1 Updater6-s3
JuniperJunos Version15.1 Updater6-s4
JuniperJunos Version15.1 Updater6-s6
JuniperJunos Version15.1 Updater7
JuniperJunos Version15.1 Updater7-s1
JuniperJunos Version15.1 Updater7-s10
JuniperJunos Version15.1 Updater7-s2
JuniperJunos Version15.1 Updater7-s3
JuniperJunos Version15.1 Updater7-s4
JuniperJunos Version15.1 Updater7-s5
JuniperJunos Version15.1 Updater7-s6
JuniperJunos Version15.1 Updater7-s7
JuniperJunos Version15.1 Updater7-s8
JuniperJunos Version15.1 Updater7-s9
JuniperJunos Version18.3 Update-
JuniperJunos Version18.3 Updater
JuniperJunos Version18.3 Updater1
JuniperJunos Version18.3 Updater1-s1
JuniperJunos Version18.3 Updater1-s2
JuniperJunos Version18.3 Updater1-s3
JuniperJunos Version18.3 Updater1-s4
JuniperJunos Version18.3 Updater1-s5
JuniperJunos Version18.3 Updater1-s6
JuniperJunos Version18.3 Updater2
JuniperJunos Version18.3 Updater2-s1
JuniperJunos Version18.3 Updater2-s2
JuniperJunos Version18.3 Updater2-s3
JuniperJunos Version18.3 Updater2-s4
JuniperJunos Version18.3 Updater3
JuniperJunos Version18.3 Updater3-s1
JuniperJunos Version18.3 Updater3-s2
JuniperJunos Version18.3 Updater3-s3
JuniperJunos Version18.3 Updater3-s4
JuniperJunos Version18.3 Updater3-s5
JuniperJunos Version18.4 Update-
JuniperJunos Version18.4 Updater1
JuniperJunos Version18.4 Updater1-s1
JuniperJunos Version18.4 Updater1-s2
JuniperJunos Version18.4 Updater1-s3
JuniperJunos Version18.4 Updater1-s4
JuniperJunos Version18.4 Updater1-s5
JuniperJunos Version18.4 Updater1-s6
JuniperJunos Version18.4 Updater1-s7
JuniperJunos Version18.4 Updater2
JuniperJunos Version18.4 Updater2-s1
JuniperJunos Version18.4 Updater2-s2
JuniperJunos Version18.4 Updater2-s3
JuniperJunos Version18.4 Updater2-s4
JuniperJunos Version18.4 Updater2-s5
JuniperJunos Version18.4 Updater2-s6
JuniperJunos Version18.4 Updater2-s7
JuniperJunos Version18.4 Updater2-s8
JuniperJunos Version18.4 Updater2-s9
JuniperJunos Version18.4 Updater3
JuniperJunos Version18.4 Updater3-s1
JuniperJunos Version18.4 Updater3-s10
JuniperJunos Version18.4 Updater3-s2
JuniperJunos Version18.4 Updater3-s3
JuniperJunos Version18.4 Updater3-s4
JuniperJunos Version18.4 Updater3-s5
JuniperJunos Version18.4 Updater3-s6
JuniperJunos Version18.4 Updater3-s7
JuniperJunos Version18.4 Updater3-s8
JuniperJunos Version18.4 Updater3-s9
JuniperJunos Version19.1 Update-
JuniperJunos Version19.1 Updater1
JuniperJunos Version19.1 Updater1-s1
JuniperJunos Version19.1 Updater1-s2
JuniperJunos Version19.1 Updater1-s3
JuniperJunos Version19.1 Updater1-s4
JuniperJunos Version19.1 Updater1-s5
JuniperJunos Version19.1 Updater1-s6
JuniperJunos Version19.1 Updater2
JuniperJunos Version19.1 Updater2-s1
JuniperJunos Version19.1 Updater2-s2
JuniperJunos Version19.1 Updater3
JuniperJunos Version19.1 Updater3-s1
JuniperJunos Version19.1 Updater3-s2
JuniperJunos Version19.1 Updater3-s3
JuniperJunos Version19.1 Updater3-s4
JuniperJunos Version19.1 Updater3-s5
JuniperJunos Version19.1 Updater3-s6
JuniperJunos Version19.2 Update-
JuniperJunos Version19.2 Updater1
JuniperJunos Version19.2 Updater1-s1
JuniperJunos Version19.2 Updater1-s2
JuniperJunos Version19.2 Updater1-s3
JuniperJunos Version19.2 Updater1-s4
JuniperJunos Version19.2 Updater1-s5
JuniperJunos Version19.2 Updater1-s6
JuniperJunos Version19.2 Updater3
JuniperJunos Version19.2 Updater3-s1
JuniperJunos Version19.2 Updater3-s2
JuniperJunos Version19.2 Updater3-s3
JuniperJunos Version19.3 Update-
JuniperJunos Version19.3 Updater1
JuniperJunos Version19.3 Updater1-s1
JuniperJunos Version19.3 Updater2
JuniperJunos Version19.3 Updater2-s1
JuniperJunos Version19.3 Updater2-s2
JuniperJunos Version19.3 Updater2-s3
JuniperJunos Version19.3 Updater2-s4
JuniperJunos Version19.3 Updater2-s5
JuniperJunos Version19.3 Updater2-s6
JuniperJunos Version19.3 Updater3
JuniperJunos Version19.3 Updater3-s1
JuniperJunos Version19.3 Updater3-s2
JuniperJunos Version19.3 Updater3-s3
JuniperJunos Version19.4 Update-
JuniperJunos Version19.4 Updater1
JuniperJunos Version19.4 Updater1-s1
JuniperJunos Version19.4 Updater1-s2
JuniperJunos Version19.4 Updater1-s3
JuniperJunos Version19.4 Updater1-s4
JuniperJunos Version19.4 Updater2
JuniperJunos Version19.4 Updater2-s1
JuniperJunos Version19.4 Updater2-s2
JuniperJunos Version19.4 Updater2-s3
JuniperJunos Version19.4 Updater2-s4
JuniperJunos Version19.4 Updater2-s5
JuniperJunos Version19.4 Updater3
JuniperJunos Version19.4 Updater3-s1
JuniperJunos Version19.4 Updater3-s2
JuniperJunos Version19.4 Updater3-s3
JuniperJunos Version19.4 Updater3-s4
JuniperJunos Version19.4 Updater3-s5
JuniperJunos Version20.1 Update-
JuniperJunos Version20.1 Updater1
JuniperJunos Version20.1 Updater1-s1
JuniperJunos Version20.1 Updater1-s2
JuniperJunos Version20.1 Updater1-s3
JuniperJunos Version20.1 Updater1-s4
JuniperJunos Version20.1 Updater2
JuniperJunos Version20.1 Updater2-s1
JuniperJunos Version20.1 Updater2-s2
JuniperJunos Version20.1 Updater3
JuniperJunos Version20.1 Updater3-s1
JuniperJunos Version20.1 Updater3-s2
JuniperJunos Version20.2 Update-
JuniperJunos Version20.2 Updater1
JuniperJunos Version20.2 Updater1-s1
JuniperJunos Version20.2 Updater1-s2
JuniperJunos Version20.2 Updater1-s3
JuniperJunos Version20.2 Updater2
JuniperJunos Version20.2 Updater2-s1
JuniperJunos Version20.2 Updater2-s2
JuniperJunos Version20.2 Updater2-s3
JuniperJunos Version20.2 Updater3
JuniperJunos Version20.2 Updater3-s1
JuniperJunos Version20.2 Updater3-s2
JuniperJunos Version20.3 Update-
JuniperJunos Version20.3 Updater1
JuniperJunos Version20.3 Updater1-s1
JuniperJunos Version20.3 Updater2
JuniperJunos Version20.3 Updater2-s1
JuniperJunos Version20.3 Updater3
JuniperJunos Version20.4 Update-
JuniperJunos Version20.4 Updater1
JuniperJunos Version20.4 Updater1-s1
JuniperJunos Version20.4 Updater2
JuniperJunos Version20.4 Updater2-s1
JuniperJunos Version20.4 Updater2-s2
JuniperJunos Version21.1 Update-
JuniperJunos Version21.1 Updater1
JuniperJunos Version21.1 Updater1-s1
JuniperJunos Version21.1 Updater2
JuniperJunos Version21.2 Update-
JuniperJunos Version21.2 Updater1
JuniperJunos Os Evolved Version < 21.2
JuniperJunos Os Evolved Version21.2 Update-
JuniperJunos Os Evolved Version21.2 Updater1
JuniperJunos Os Evolved Version21.2 Updater1-s1
JuniperJunos Os Evolved Version21.2 Updater1-s2
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.28% 0.482
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 5.9 2.2 3.6
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:N/A:P
sirt@juniper.net 5.9 2.2 3.6
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-665 Improper Initialization

The product does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used.