7.8

CVE-2022-22195

An Improper Update of Reference Count vulnerability in the kernel of Juniper Networks Junos OS Evolved allows an unauthenticated, network-based attacker to trigger a counter overflow, eventually causing a Denial of Service (DoS). This issue affects Juniper Networks Junos OS Evolved: All versions prior to 20.4R3-S1-EVO; 21.1 versions prior to 21.1R3-EVO; 21.2 versions prior to 21.2R3-EVO; 21.3 versions prior to 21.3R2-EVO. This issue does not affect Juniper Networks Junos OS.

Data is provided by the National Vulnerability Database (NVD)
JuniperJunos Os Evolved Version < 20.4
JuniperJunos Os Evolved Version20.4 Updater1
JuniperJunos Os Evolved Version20.4 Updater1-s1
JuniperJunos Os Evolved Version20.4 Updater1-s2
JuniperJunos Os Evolved Version20.4 Updater2
JuniperJunos Os Evolved Version20.4 Updater2-s1
JuniperJunos Os Evolved Version20.4 Updater2-s2
JuniperJunos Os Evolved Version20.4 Updater2-s3
JuniperJunos Os Evolved Version20.4 Updater3
JuniperJunos Os Evolved Version21.1 Updater1
JuniperJunos Os Evolved Version21.1 Updater1-s1
JuniperJunos Os Evolved Version21.1 Updater2
JuniperJunos Os Evolved Version21.2 Updater1
JuniperJunos Os Evolved Version21.2 Updater1-s1
JuniperJunos Os Evolved Version21.2 Updater2
JuniperJunos Os Evolved Version21.3 Updater1
JuniperJunos Os Evolved Version21.3 Updater1-s1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.63% 0.691
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 7.8 10 6.9
AV:N/AC:L/Au:N/C:N/I:N/A:C
sirt@juniper.net 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-911 Improper Update of Reference Count

The product uses a reference count to manage a resource, but it does not update or incorrectly updates the reference count.