QID 43931

Date Published: 2022-10-26

QID 43931: Juniper Network Operating System (Junos OS) Denial of Service (DoS) Vulnerability (JSA11281)

Juniper Junos is the network operating system used in Juniper Networks hardware systems.

A Stack-based Buffer Overflow vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on MX Series and SRX series allows an unauthenticated networked attacker to cause a flowd crash and thereby a Denial of Service (DoS).

Making this QID as practice as we cannot add SIP ALG enabled check in signature.
Affected Junos OS versions:
20.4 versions prior to 20.4R3-S1
21.1 versions prior to 21.1R2-S2, 21.1R3
21.2 versions prior to 21.2R1-S2, 21.2R2
21.3 versions prior to 21.3R1-S1, 21.3R2

This issue does not affect Juniper Networks Junos OS versions prior to 20.4R1.

QID detection logic: (Authenticated)
It checks for vulnerable Junos OS version.

Successful exploitation of this vulnerability may lead to an inoperable state of the affected system causing a DoS.

  • CVSS V3 rated as High - 7.5 severity.
  • CVSS V2 rated as Medium - 4.3 severity.
    • Solution
    Please refer JSA11281

    advisory for further information.

    Vendor References

    CVEs related to QID 43931

    CVE-2022-22175 |
    Software Advisories
    Advisory ID Software Component Link
    JSA11281 URL Logo kb.juniper.net/JSA11281
    By selecting these links, you may be leaving CVEreport webspace. We have provided these links to other websites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other websites that are more appropriate for your purpose. CVEreport does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, CVEreport does not endorse any commercial products that may be mentioned on these sites. Please address comments about any linked pages to [email protected].