CVE-2022-22194 HIGH

CVE-2022-22194: Junos OS Evolved: PTX series: An attacker sending a crafted GRE packet will cause the PFE to restart

Vendor Juniper Networks
Product Junos OS Evolved
Weakness CWE-754
Published April 14, 2022
Last update September 17, 2024

CVSS base score

7.5/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

What the vulnerability does

01Description

An Improper Check for Unusual or Exceptional Conditions vulnerability in the packetIO daemon of Juniper Networks Junos OS Evolved on PTX10003, PTX10004, and PTX10008 allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). Continued receipt of these crafted packets will cause a sustained Denial of Service condition. This issue affects Juniper Networks Junos OS Evolved all versions prior to 20.4R2-S3-EVO on PTX10003, PTX10004, and PTX10008. This issue does not affect: Juniper Networks Junos OS Evolved versions 21.1R1-EVO and above; Juniper Networks Junos OS.

Key dates

02Disclosure timeline

April 14, 2022 CVE published
September 17, 2024 Record updated