#VU59561 Memory leak in Juniper Junos OS - CVE-2022-22174
Published: January 12, 2022
Vulnerability identifier: #VU59561
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2022-22174
CWE-ID: CWE-401
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
Juniper Junos OS
Juniper Junos OS
Software vendor:
Juniper Networks, Inc.
Juniper Networks, Inc.
Description
The vulnerability allows a remote attacker to perform DoS attack on the target system.
The vulnerability exists due memory leak in the processing of inbound IPv6 packets in Juniper Networks Junos OS on QFX5000 Series and EX4600 switches. A remote attacker can send specially crafted traffic to the system and perform denial of service attack.
Remediation
Install updates from vendor's website.