Main Vulnerability Database Vulnerabilities #VU59632

#VU59632 Inefficient algorithmic complexity in Juniper Junos OS - CVE-2022-22153

Published: January 17, 2022

Vulnerability identifier: #VU59632

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2022-22153

CWE-ID: CWE-407

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Juniper Junos OS

Software vendor:
Juniper Networks, Inc.

Description

The vulnerability allows a remote attacker to perform DoS attack.

The vulnerability exists due to insufficient algorithmic complexity along with an error of resource allocation in the flow processing daemon (flowd) on SRX Series and MX Series with SPC3. A remote attacker can cause latency in transit packet processing and even packet loss, if transit traffic includes a significant percentage (> 5%) of fragmented packets.

Remediation

Install updates from vendor's website.

External links

https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11261&cat=SIRT_1&actp=LIST

#VU59632 Inefficient algorithmic complexity in Juniper Junos OS - CVE-2022-22153

Description

Remediation

External links

Please verify you're human