Vulnerability Description
A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). On SRX Series If Unified Threat Management (UTM) Enhanced Content Filtering (CF) is enabled and specific transit traffic is processed the PFE will crash and restart. This issue affects Juniper Networks Junos OS: 21.4 versions prior to 21.4R1-S2, 21.4R2 on SRX Series; 22.1 versions prior to 22.1R1-S1, 22.1R2 on SRX Series. This issue does not affect Juniper Networks Junos OS versions prior to 21.4R1.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Juniper | Junos | 21.4 |
| Juniper | Srx100 | - |
| Juniper | Srx110 | - |
| Juniper | Srx1400 | - |
| Juniper | Srx1500 | - |
| Juniper | Srx210 | - |
| Juniper | Srx220 | - |
| Juniper | Srx240 | - |
| Juniper | Srx240H2 | - |
| Juniper | Srx240M | - |
| Juniper | Srx300 | - |
| Juniper | Srx320 | - |
| Juniper | Srx340 | - |
| Juniper | Srx3400 | - |
| Juniper | Srx345 | - |
| Juniper | Srx3600 | - |
| Juniper | Srx380 | - |
| Juniper | Srx4000 | - |
| Juniper | Srx4100 | - |
| Juniper | Srx4200 | - |
Related Weaknesses (CWE)
References
- https://kb.juniper.net/JSA69886Vendor Advisory
- https://kb.juniper.net/JSA69886Vendor Advisory
FAQ
What is CVE-2022-22232?
CVE-2022-22232 is a vulnerability with a CVSS score of 7.5 (HIGH). A NULL Pointer Dereference vulnerability in the Packet Forwarding Engine of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS)...
How severe is CVE-2022-22232?
CVE-2022-22232 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-22232?
Check the references section above for vendor advisories and patch information. Affected products include: Juniper Junos, Juniper Srx100, Juniper Srx110, Juniper Srx1400, Juniper Srx1500.