7.5
CVE-2022-22247
- EPSS 0.06%
- Published 18.10.2022 03:15:11
- Last modified 21.11.2024 06:46:29
- Source sirt@juniper.net
- Teams watchlist Login
- Open Login
An Improper Input Validation vulnerability in ingress TCP segment processing of Juniper Networks Junos OS Evolved allows a network-based unauthenticated attacker to send a crafted TCP segment to the device, triggering a kernel panic, leading to a Denial of Service (DoS) condition. Continued receipt and processing of this TCP segment could create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS Evolved: 21.3 versions prior to 21.3R3-EVO; 21.4 versions prior to 21.4R2-EVO; 22.1 versions prior to 22.1R2-EVO. This issue does not affect Juniper Networks Junos OS Evolved versions prior to 21.3R1-EVO.
Data is provided by the National Vulnerability Database (NVD)
Juniper ≫ Junos Os Evolved Version21.3 Update-
Juniper ≫ Junos Os Evolved Version21.3 Updater1
Juniper ≫ Junos Os Evolved Version21.3 Updater1-s1
Juniper ≫ Junos Os Evolved Version21.3 Updater2
Juniper ≫ Junos Os Evolved Version21.4 Update-
Juniper ≫ Junos Os Evolved Version21.4 Updater1
Juniper ≫ Junos Os Evolved Version21.4 Updater1-s1
Juniper ≫ Junos Os Evolved Version22.1 Updater1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.06% | 0.199 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| sirt@juniper.net | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.