CVE-2022-22153
Summary
| CVE | CVE-2022-22153 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2022-01-19 01:15:00 UTC |
| Updated | 2022-01-28 17:55:00 UTC |
| Description | An Insufficient Algorithmic Complexity combined with an Allocation of Resources Without Limits or Throttling vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX Series and MX Series with SPC3 allows an unauthenticated network attacker to cause latency in transit packet processing and even packet loss. If transit traffic includes a significant percentage (> 5%) of fragmented packets which need to be reassembled, high latency or packet drops might be observed. This issue affects Juniper Networks Junos OS on SRX Series, MX Series with SPC3: All versions prior to 18.2R3; 18.3 versions prior to 18.3R3; 18.4 versions prior to 18.4R2-S9, 18.4R3; 19.1 versions prior to 19.1R2; 19.2 versions prior to 19.2R1-S1, 19.2R2. |
Risk And Classification
Problem Types: CWE-407 | CWE-770
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Juniper | Junos | All | All | All | All |
| Operating System | Juniper | Junos | 18.2 | - | All | All |
| Operating System | Juniper | Junos | 18.2 | r | All | All |
| Operating System | Juniper | Junos | 18.2 | r1 | All | All |
| Operating System | Juniper | Junos | 18.2 | r1 | - | All |
| Operating System | Juniper | Junos | 18.2 | r1-s2 | All | All |
| Operating System | Juniper | Junos | 18.2 | r1-s3 | All | All |
| Operating System | Juniper | Junos | 18.2 | r1-s4 | All | All |
| Operating System | Juniper | Junos | 18.2 | r1-s5 | All | All |
| Operating System | Juniper | Junos | 18.2 | r2 | All | All |
| Operating System | Juniper | Junos | 18.2 | r2-s1 | All | All |
| Operating System | Juniper | Junos | 18.2 | r2-s2 | All | All |
| Operating System | Juniper | Junos | 18.2 | r2-s3 | All | All |
| Operating System | Juniper | Junos | 18.2 | r2-s4 | All | All |
| Operating System | Juniper | Junos | 18.2 | r2-s5 | All | All |
| Operating System | Juniper | Junos | 18.2 | r2-s6 | All | All |
| Operating System | Juniper | Junos | 18.2 | r2-s7 | All | All |
| Operating System | Juniper | Junos | 18.2 | r2-s8 | All | All |
| Operating System | Juniper | Junos | 18.3 | - | All | All |
| Operating System | Juniper | Junos | 18.3 | r | All | All |
| Operating System | Juniper | Junos | 18.3 | r1 | All | All |
| Operating System | Juniper | Junos | 18.3 | r1-s1 | All | All |
| Operating System | Juniper | Junos | 18.3 | r1-s2 | All | All |
| Operating System | Juniper | Junos | 18.3 | r1-s3 | All | All |
| Operating System | Juniper | Junos | 18.3 | r1-s4 | All | All |
| Operating System | Juniper | Junos | 18.3 | r1-s5 | All | All |
| Operating System | Juniper | Junos | 18.3 | r1-s6 | All | All |
| Operating System | Juniper | Junos | 18.3 | r2 | All | All |
| Operating System | Juniper | Junos | 18.3 | r2-s1 | All | All |
| Operating System | Juniper | Junos | 18.3 | r2-s2 | All | All |
| Operating System | Juniper | Junos | 18.3 | r2-s3 | All | All |
| Operating System | Juniper | Junos | 18.3 | r2-s4 | All | All |
| Operating System | Juniper | Junos | 18.4 | - | All | All |
| Operating System | Juniper | Junos | 18.4 | r1 | All | All |
| Operating System | Juniper | Junos | 18.4 | r1-s1 | All | All |
| Operating System | Juniper | Junos | 18.4 | r1-s2 | All | All |
| Operating System | Juniper | Junos | 18.4 | r1-s3 | All | All |
| Operating System | Juniper | Junos | 18.4 | r1-s4 | All | All |
| Operating System | Juniper | Junos | 18.4 | r1-s5 | All | All |
| Operating System | Juniper | Junos | 18.4 | r1-s6 | All | All |
| Operating System | Juniper | Junos | 18.4 | r1-s7 | All | All |
| Operating System | Juniper | Junos | 18.4 | r2 | All | All |
| Operating System | Juniper | Junos | 18.4 | r2-s1 | All | All |
| Operating System | Juniper | Junos | 18.4 | r2-s2 | All | All |
| Operating System | Juniper | Junos | 18.4 | r2-s3 | All | All |
| Operating System | Juniper | Junos | 18.4 | r2-s4 | All | All |
| Operating System | Juniper | Junos | 18.4 | r2-s5 | All | All |
| Operating System | Juniper | Junos | 18.4 | r2-s6 | All | All |
| Operating System | Juniper | Junos | 18.4 | r2-s7 | All | All |
| Operating System | Juniper | Junos | 18.4 | r2-s8 | All | All |
| Operating System | Juniper | Junos | 19.1 | - | All | All |
| Operating System | Juniper | Junos | 19.1 | r1 | All | All |
| Operating System | Juniper | Junos | 19.1 | r1-s1 | All | All |
| Operating System | Juniper | Junos | 19.1 | r1-s2 | All | All |
| Operating System | Juniper | Junos | 19.1 | r1-s3 | All | All |
| Operating System | Juniper | Junos | 19.1 | r1-s4 | All | All |
| Operating System | Juniper | Junos | 19.1 | r1-s5 | All | All |
| Operating System | Juniper | Junos | 19.1 | r1-s6 | All | All |
| Operating System | Juniper | Junos | 19.2 | - | All | All |
| Operating System | Juniper | Junos | 19.2 | r1 | All | All |
| Hardware | Juniper | Mx10 | - | All | All | All |
| Hardware | Juniper | Mx10000 | - | All | All | All |
| Hardware | Juniper | Mx10003 | - | All | All | All |
| Hardware | Juniper | Mx10008 | - | All | All | All |
| Hardware | Juniper | Mx10016 | - | All | All | All |
| Hardware | Juniper | Mx104 | - | All | All | All |
| Hardware | Juniper | Mx150 | - | All | All | All |
| Hardware | Juniper | Mx2008 | - | All | All | All |
| Hardware | Juniper | Mx2010 | - | All | All | All |
| Hardware | Juniper | Mx2020 | - | All | All | All |
| Hardware | Juniper | Mx204 | - | All | All | All |
| Hardware | Juniper | Mx240 | - | All | All | All |
| Hardware | Juniper | Mx40 | - | All | All | All |
| Hardware | Juniper | Mx480 | - | All | All | All |
| Hardware | Juniper | Mx5 | - | All | All | All |
| Hardware | Juniper | Mx80 | - | All | All | All |
| Hardware | Juniper | Mx960 | - | All | All | All |
| Hardware | Juniper | Srx100 | - | All | All | All |
| Hardware | Juniper | Srx110 | - | All | All | All |
| Hardware | Juniper | Srx1400 | - | All | All | All |
| Hardware | Juniper | Srx1500 | - | All | All | All |
| Hardware | Juniper | Srx210 | - | All | All | All |
| Hardware | Juniper | Srx220 | - | All | All | All |
| Hardware | Juniper | Srx240 | - | All | All | All |
| Hardware | Juniper | Srx240h2 | - | All | All | All |
| Hardware | Juniper | Srx300 | - | All | All | All |
| Hardware | Juniper | Srx320 | - | All | All | All |
| Hardware | Juniper | Srx340 | - | All | All | All |
| Hardware | Juniper | Srx3400 | - | All | All | All |
| Hardware | Juniper | Srx345 | - | All | All | All |
| Hardware | Juniper | Srx3600 | - | All | All | All |
| Hardware | Juniper | Srx380 | - | All | All | All |
| Hardware | Juniper | Srx4000 | - | All | All | All |
| Hardware | Juniper | Srx4100 | - | All | All | All |
| Hardware | Juniper | Srx4200 | - | All | All | All |
| Hardware | Juniper | Srx4600 | - | All | All | All |
| Hardware | Juniper | Srx5000 | - | All | All | All |
| Hardware | Juniper | Srx5400 | - | All | All | All |
| Hardware | Juniper | Srx550 | - | All | All | All |
| Hardware | Juniper | Srx550m | - | All | All | All |
| Hardware | Juniper | Srx550 Hm | - | All | All | All |
| Hardware | Juniper | Srx5600 | - | All | All | All |
| Hardware | Juniper | Srx5800 | - | All | All | All |
| Hardware | Juniper | Srx650 | - | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| 2022-01 Security Bulletin: SRX Series and MX Series with SPC3: A high percentage of fragments might lead to high latency or packet drops (CVE-2022-22153) - Juniper Networks | CONFIRM | kb.juniper.net | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.