1. Home
  2. CVE Database
  3. CVE-2022-22235
MEDIUM · 5.9

CVE-2022-22235

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based, attacke...

Vulnerability Description

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based, attacker to cause Denial of Service (DoS). A PFE crash will happen when a GPRS Tunnel Protocol (GTP) packet is received with a malformed field in the IP header of GTP encapsulated General Packet Radio Services (GPRS) traffic. The packet needs to match existing state which is outside the attackers control, so the issue cannot be directly exploited. The issue will only be observed when endpoint address validation is enabled. This issue affects Juniper Networks Junos OS on SRX Series: 20.2 versions prior to 20.2R3-S5; 20.3 versions prior to 20.3R3-S4; 20.4 versions prior to 20.4R3-S3; 21.1 versions prior to 21.1R3-S2; 21.2 versions prior to 21.2R3-S1; 21.3 versions prior to 21.3R3; 21.4 versions prior to 21.4R1-S2, 21.4R2; 22.1 versions prior to 22.1R1-S1, 22.1R2. This issue does not affect Juniper Networks Junos OS versions prior to 20.2R1.

CVSS Score

5.9

MEDIUM

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
HIGH

Affected Products

VendorProductVersions
JuniperJunos20.2
JuniperSrx100-
JuniperSrx110-
JuniperSrx1400-
JuniperSrx1500-
JuniperSrx210-
JuniperSrx220-
JuniperSrx240-
JuniperSrx240H2-
JuniperSrx240M-
JuniperSrx300-
JuniperSrx320-
JuniperSrx340-
JuniperSrx3400-
JuniperSrx345-
JuniperSrx3600-
JuniperSrx380-
JuniperSrx4000-
JuniperSrx4100-
JuniperSrx4200-

Related Weaknesses (CWE)

CWE-754

References

FAQ

What is CVE-2022-22235?

CVE-2022-22235 is a vulnerability with a CVSS score of 5.9 (MEDIUM). An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based, attacke...

How severe is CVE-2022-22235?

CVE-2022-22235 has been rated MEDIUM with a CVSS base score of 5.9/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-22235?

Check the references section above for vendor advisories and patch information. Affected products include: Juniper Junos, Juniper Srx100, Juniper Srx110, Juniper Srx1400, Juniper Srx1500.