CVE-2022-22231 — HIGH (7.5)

Vulnerability Description

An Unchecked Return Value to NULL Pointer Dereference vulnerability in Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). On SRX Series if Unified Threat Management (UTM) Enhanced Content Filtering (CF) and AntiVirus (AV) are enabled together and the system processes specific valid transit traffic the Packet Forwarding Engine (PFE) will crash and restart. This issue affects Juniper Networks Junos OS 21.4 versions prior to 21.4R1-S2, 21.4R2 on SRX Series. This issue does not affect Juniper Networks Junos OS versions prior to 21.4R1.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Juniper	Junos	21.4
Juniper	Srx1500	-
Juniper	Srx4100	-
Juniper	Srx4200	-
Juniper	Srx4600	-
Juniper	Srx5400	-
Juniper	Srx550	-
Juniper	Srx5600	-
Juniper	Srx5800	-

Related Weaknesses (CWE)

CWE-690 CWE-252

References

https://kb.juniper.net/JSA69885Vendor Advisory
https://kb.juniper.net/JSA69885Vendor Advisory

FAQ

What is CVE-2022-22231?

CVE-2022-22231 is a vulnerability with a CVSS score of 7.5 (HIGH). An Unchecked Return Value to NULL Pointer Dereference vulnerability in Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause a Denial o...

How severe is CVE-2022-22231?

CVE-2022-22231 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-22231?

Check the references section above for vendor advisories and patch information. Affected products include: Juniper Junos, Juniper Srx1500, Juniper Srx4100, Juniper Srx4200, Juniper Srx4600.