Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2022-22231 |
CWE-ID | CWE-690 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software Subscribe |
Juniper Junos OS Operating systems & Components / Operating system |
Vendor | Juniper Networks, Inc. |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
EUVDB-ID: #VU82504
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-22231
CWE-ID:
CWE-690 - Unchecked Return Value to NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to unchecked return value to null pointer dereference error in Packet Forwarding Engine (PFE). A remote non-authenticated attacker can cause a Denial of Service (DoS).
On SRX Series if Unified Threat Management (UTM) Enhanced Content Filtering (CF) and AntiVirus (AV) are enabled together and the system processes specific valid transit traffic the Packet Forwarding Engine (PFE) will crash and restart.
MitigationInstall updates from vendor's website.
Vulnerable software versionsJuniper Junos OS: 21.4R1 - 21.4R1-S1
External linksQ & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.