#VU68365 Input validation error in Junos OS Evolved and Juniper Junos OS - CVE-2022-22230
Vulnerability identifier: #VU68365
Vulnerability risk: Medium
CVSSv4.0: 4.9 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID:
CWE-ID:
CWE-20
Exploitation vector: Local network
Exploit availability: No
Vulnerable software:
Junos OS Evolved
Operating systems & Components /
Operating system
Juniper Junos OS
Operating systems & Components /
Operating system
Vendor: Juniper Networks, Inc.
Description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in the Routing Protocol Daemon (rpd). If another router generates more than one specific valid OSPFv3 LSA then rpd will crash.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Junos OS Evolved: 20.4R1-EVO, 20.4R1-S1-EVO, 20.4R1-S2-EVO, 20.4R2-EVO, 20.4R2-S1-EVO, 20.4R2-S2-EVO, 20.4R2-S3-EVO, 20.4R3-EVO, 20.4R3-S1-EVO, 20.4R3-S2-EVO, 20.4R3-S3-EVO, 20.4R3-S4-EVO, 20.4, 21.1R1-EVO, 21.1R1-S1-EVO, 21.1R2-EVO, 21.1R3-EVO, 21.1R3-S1-EVO, 21.1, 21.1-EVO, 21.2R1-EVO, 21.2R1-S1-EVO, 21.2R1-S2-EVO, 21.2R2-EVO, 21.2R2-S1-EVO, 21.2R2-S2-EVO, 21.2R3-EVO, 21.2-EVO, 21.3R1-EVO, 21.3R1-S1-EVO, 21.3R2-EVO, 21.3R2-S1-EVO, 21.3R2-S2-EVO, 21.3R3-EVO, 21.3R3-S1-EVO, 21.3-EVO, 21.4R1-EVO, 21.4R1-S1-EVO, 21.4R1-S2-EVO, 22.1R1-EVO, 22.1R1-S1-EVO, 22.1R1-S2-EVO, 22.1-EVO, 22.2R1-EVO, 22.2R1-S1-EVO, 22.2-EVO
Juniper Junos OS: 19.2R1-S1, 19.2R1-S2, 19.2R1-S3, 19.2R1-S4, 19.2R1-S5, 19.2R1-S6, 19.2R1-S7, 19.2R1-S8, 19.2R1-S9, 19.2R2-S1, 19.2R3-S1, 19.2R3-S2, 19.2R3-S3, 19.2R3-S4, 19.2R3-S5, 19.2, 19.2R1, 19.2R2, 19.2R3, 19.4R1-S1, 19.4R1-S2, 19.4R1-S3, 19.4R1-S4, 19.4R2-S1, 19.4R2-S2, 19.4R2-S3, 19.4R2-S4, 19.4R2-S5, 19.4R2-S6, 19.4R2-S7, 19.4, 19.4R1, 19.4R2, 20.2R1-S1, 20.2R1-S2, 20.2R1-S3, 20.2R2-S1, 20.2R2-S2, 20.2R2-S3, 20.2R3-S1, 20.2R3-S2, 20.2R3-S3, 20.2R3-S4, 20.2, 20.2R1, 20.2R2, 20.2R3, 20.3R1-S1, 20.3R1-S2, 20.3R2-S1, 20.3R3-S1, 20.3R3-S2, 20.3R3-S3, 20.3R3-S4, 20.3, 20.3R1, 20.3R2, 20.3R3, 20.4R1-S1, 20.4R2-S1, 20.4R2-S2, 20.4R3-S1, 20.4R3-S2, 20.4R3-S3, 20.4, 20.4R1, 20.4R2, 20.4R3, 21.1R1-S1, 21.1R2-S1, 21.1R2-S2, 21.1R3-S1, 21.1, 21.1R1, 21.1R2, 21.1R3, 21.2R1-S1, 21.2R1-S2, 21.2R2-S1, 21.2R2-S2, 21.2R1, 21.2R2, 21.2R3, 21.3R1-S1, 21.3R1-S2, 21.3R2-S1, 21.3R2-S2, 21.3R3-S1, 21.3R1, 21.3R2, 21.3R3, 21.4R1-S1, 21.4R1-S2, 21.4R1, 22.1R1-S1, 22.1R1-S2, 22.1R1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
