7.5

CVE-2022-22173

A Missing Release of Memory after Effective Lifetime vulnerability in the Public Key Infrastructure daemon (pkid) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause Denial of Service (DoS). In a scenario where Public Key Infrastructure (PKI) is used in combination with Certificate Revocation List (CRL), if the CRL fails to download the memory allocated to store the CRL is not released. Repeated occurrences will eventually consume all available memory and lead to an inoperable state of the affected system causing a DoS. This issue affects Juniper Networks Junos OS: All versions prior to 18.3R3-S6; 18.4 versions prior to 18.4R2-S9, 18.4R3-S10; 19.1 versions prior to 19.1R2-S3, 19.1R3-S7; 19.2 versions prior to 19.2R1-S8, 19.2R3-S4; 19.3 versions prior to 19.3R3-S4; 19.4 versions prior to 19.4R2-S5, 19.4R3-S5; 20.1 versions prior to 20.1R3-S1; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2, 21.1R3; 21.2 versions prior to 21.2R1-S1, 21.2R2. This issue can be observed by monitoring the memory utilization of the pkid process via: root@jtac-srx1500-r2003> show system processes extensive | match pki 20931 root 20 0 733M 14352K select 0:00 0.00% pkid which increases over time: root@jtac-srx1500-r2003> show system processes extensive | match pki 22587 root 20 0 901M 181M select 0:03 0.00% pkid

Data is provided by the National Vulnerability Database (NVD)
JuniperJunos Version < 18.3
JuniperJunos Version18.3 Update-
JuniperJunos Version18.3 Updater
JuniperJunos Version18.3 Updater1
JuniperJunos Version18.3 Updater1-s1
JuniperJunos Version18.3 Updater1-s2
JuniperJunos Version18.3 Updater1-s3
JuniperJunos Version18.3 Updater1-s4
JuniperJunos Version18.3 Updater1-s5
JuniperJunos Version18.3 Updater1-s6
JuniperJunos Version18.3 Updater2
JuniperJunos Version18.3 Updater2-s1
JuniperJunos Version18.3 Updater2-s2
JuniperJunos Version18.3 Updater2-s3
JuniperJunos Version18.3 Updater2-s4
JuniperJunos Version18.3 Updater3
JuniperJunos Version18.3 Updater3-s1
JuniperJunos Version18.3 Updater3-s2
JuniperJunos Version18.3 Updater3-s3
JuniperJunos Version18.3 Updater3-s4
JuniperJunos Version18.3 Updater3-s5
JuniperJunos Version18.4 Update-
JuniperJunos Version18.4 Updater1
JuniperJunos Version18.4 Updater1-s1
JuniperJunos Version18.4 Updater1-s2
JuniperJunos Version18.4 Updater1-s3
JuniperJunos Version18.4 Updater1-s4
JuniperJunos Version18.4 Updater1-s5
JuniperJunos Version18.4 Updater1-s6
JuniperJunos Version18.4 Updater1-s7
JuniperJunos Version18.4 Updater2
JuniperJunos Version18.4 Updater2-s1
JuniperJunos Version18.4 Updater2-s2
JuniperJunos Version18.4 Updater2-s3
JuniperJunos Version18.4 Updater2-s4
JuniperJunos Version18.4 Updater2-s5
JuniperJunos Version18.4 Updater2-s6
JuniperJunos Version18.4 Updater2-s7
JuniperJunos Version18.4 Updater2-s8
JuniperJunos Version18.4 Updater3
JuniperJunos Version18.4 Updater3-s1
JuniperJunos Version18.4 Updater3-s2
JuniperJunos Version18.4 Updater3-s3
JuniperJunos Version18.4 Updater3-s4
JuniperJunos Version18.4 Updater3-s5
JuniperJunos Version18.4 Updater3-s6
JuniperJunos Version18.4 Updater3-s7
JuniperJunos Version18.4 Updater3-s8
JuniperJunos Version18.4 Updater3-s9
JuniperJunos Version19.1 Update-
JuniperJunos Version19.1 Updater1
JuniperJunos Version19.1 Updater1-s1
JuniperJunos Version19.1 Updater1-s2
JuniperJunos Version19.1 Updater1-s3
JuniperJunos Version19.1 Updater1-s4
JuniperJunos Version19.1 Updater1-s5
JuniperJunos Version19.1 Updater1-s6
JuniperJunos Version19.1 Updater2
JuniperJunos Version19.1 Updater2-s1
JuniperJunos Version19.1 Updater2-s2
JuniperJunos Version19.1 Updater3
JuniperJunos Version19.1 Updater3-s1
JuniperJunos Version19.1 Updater3-s2
JuniperJunos Version19.1 Updater3-s3
JuniperJunos Version19.1 Updater3-s4
JuniperJunos Version19.1 Updater3-s5
JuniperJunos Version19.1 Updater3-s6
JuniperJunos Version19.2 Update-
JuniperJunos Version19.2 Updater1
JuniperJunos Version19.2 Updater1-s1
JuniperJunos Version19.2 Updater1-s2
JuniperJunos Version19.2 Updater1-s3
JuniperJunos Version19.2 Updater1-s4
JuniperJunos Version19.2 Updater1-s5
JuniperJunos Version19.2 Updater1-s6
JuniperJunos Version19.2 Updater1-s7
JuniperJunos Version19.2 Updater3
JuniperJunos Version19.2 Updater3-s1
JuniperJunos Version19.2 Updater3-s2
JuniperJunos Version19.2 Updater3-s3
JuniperJunos Version19.3 Update-
JuniperJunos Version19.3 Updater1
JuniperJunos Version19.3 Updater1-s1
JuniperJunos Version19.3 Updater2
JuniperJunos Version19.3 Updater2-s1
JuniperJunos Version19.3 Updater2-s2
JuniperJunos Version19.3 Updater2-s3
JuniperJunos Version19.3 Updater2-s4
JuniperJunos Version19.3 Updater2-s5
JuniperJunos Version19.3 Updater2-s6
JuniperJunos Version19.3 Updater3-s4
JuniperJunos Version19.4 Update-
JuniperJunos Version19.4 Updater1
JuniperJunos Version19.4 Updater1-s1
JuniperJunos Version19.4 Updater1-s2
JuniperJunos Version19.4 Updater1-s3
JuniperJunos Version19.4 Updater1-s4
JuniperJunos Version19.4 Updater2
JuniperJunos Version19.4 Updater2-s1
JuniperJunos Version19.4 Updater2-s2
JuniperJunos Version19.4 Updater2-s3
JuniperJunos Version19.4 Updater2-s4
JuniperJunos Version19.4 Updater3
JuniperJunos Version19.4 Updater3-s1
JuniperJunos Version19.4 Updater3-s2
JuniperJunos Version19.4 Updater3-s3
JuniperJunos Version19.4 Updater3-s4
JuniperJunos Version20.1 Update-
JuniperJunos Version20.1 Updater1
JuniperJunos Version20.1 Updater1-s1
JuniperJunos Version20.1 Updater1-s2
JuniperJunos Version20.1 Updater1-s3
JuniperJunos Version20.1 Updater1-s4
JuniperJunos Version20.1 Updater2
JuniperJunos Version20.1 Updater2-s1
JuniperJunos Version20.1 Updater2-s2
JuniperJunos Version20.1 Updater3
JuniperJunos Version20.1 Updater3-s1
JuniperJunos Version20.1 Updater3-s2
JuniperJunos Version20.2 Update-
JuniperJunos Version20.2 Updater1
JuniperJunos Version20.2 Updater1-s1
JuniperJunos Version20.2 Updater1-s2
JuniperJunos Version20.2 Updater1-s3
JuniperJunos Version20.2 Updater2
JuniperJunos Version20.2 Updater2-s1
JuniperJunos Version20.2 Updater2-s2
JuniperJunos Version20.2 Updater2-s3
JuniperJunos Version20.2 Updater3
JuniperJunos Version20.2 Updater3-s1
JuniperJunos Version20.2 Updater3-s2
JuniperJunos Version20.3 Update-
JuniperJunos Version20.3 Updater1
JuniperJunos Version20.3 Updater1-s1
JuniperJunos Version20.3 Updater2
JuniperJunos Version20.3 Updater2-s1
JuniperJunos Version20.3 Updater3
JuniperJunos Version20.4 Update-
JuniperJunos Version20.4 Updater1
JuniperJunos Version20.4 Updater1-s1
JuniperJunos Version20.4 Updater2
JuniperJunos Version20.4 Updater2-s1
JuniperJunos Version20.4 Updater2-s2
JuniperJunos Version21.1 Update-
JuniperJunos Version21.1 Updater1
JuniperJunos Version21.1 Updater1-s1
JuniperJunos Version21.1 Updater2
JuniperJunos Version21.2 Update-
JuniperJunos Version21.2 Updater1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.29% 0.489
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
sirt@juniper.net 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.