目標達成 すべての支援者に感謝 — 100%達成しました!

目標: 1000 CNY · 調達済み: 1000 CNY

100.0%
コーヒーを一杯おごる

CVE-2022-22173— Juniper Networks Junos OS 安全漏洞

CVSS 7.5 · High EPSS 0.29% · P52
新しい脆弱性情報の通知を購読するログインして購読

I. CVE-2022-22173の基本情報

脆弱性情報
脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗

高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。

脆弱性タイトル
Junos OS: CRL failing to download causes a memory leak and ultimately a DoS
ソース: NVD (National Vulnerability Database)
脆弱性説明
A Missing Release of Memory after Effective Lifetime vulnerability in the Public Key Infrastructure daemon (pkid) of Juniper Networks Junos OS allows an unauthenticated networked attacker to cause Denial of Service (DoS). In a scenario where Public Key Infrastructure (PKI) is used in combination with Certificate Revocation List (CRL), if the CRL fails to download the memory allocated to store the CRL is not released. Repeated occurrences will eventually consume all available memory and lead to an inoperable state of the affected system causing a DoS. This issue affects Juniper Networks Junos OS: All versions prior to 18.3R3-S6; 18.4 versions prior to 18.4R2-S9, 18.4R3-S10; 19.1 versions prior to 19.1R2-S3, 19.1R3-S7; 19.2 versions prior to 19.2R1-S8, 19.2R3-S4; 19.3 versions prior to 19.3R3-S4; 19.4 versions prior to 19.4R2-S5, 19.4R3-S5; 20.1 versions prior to 20.1R3-S1; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2, 21.1R3; 21.2 versions prior to 21.2R1-S1, 21.2R2. This issue can be observed by monitoring the memory utilization of the pkid process via: root@jtac-srx1500-r2003> show system processes extensive | match pki 20931 root 20 0 733M 14352K select 0:00 0.00% pkid which increases over time: root@jtac-srx1500-r2003> show system processes extensive | match pki 22587 root 20 0 901M 181M select 0:03 0.00% pkid
ソース: NVD (National Vulnerability Database)
CVSS情報
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
在移除最后引用时对内存的释放不恰当(内存泄露)
ソース: NVD (National Vulnerability Database)
脆弱性タイトル
Juniper Networks Junos OS 安全漏洞
ソース: CNNVD (China National Vulnerability Database)
脆弱性説明
Juniper Networks Junos OS是美国瞻博网络(Juniper Networks)公司的一套专用于该公司的硬件设备的网络操作系统。该操作系统提供了安全编程接口和Junos SDK。 Juniper Networks Junos OS 存在安全漏洞,该漏洞源于公钥基础结构守护程序(pkid)内存泄漏。攻击者可利用该漏洞对目标系统执行DoS攻击。
ソース: CNNVD (China National Vulnerability Database)
CVSS情報
N/A
ソース: CNNVD (China National Vulnerability Database)
脆弱性タイプ
N/A
ソース: CNNVD (China National Vulnerability Database)

影響を受ける製品

ベンダープロダクト影響を受けるバージョンCPE購読
Juniper NetworksJunos OS unspecified ~ 18.3R3-S6 -

II. CVE-2022-22173の公開POC

#POC説明ソースリンクShenlongリンク
AI生成POCプレミアム

公開POCは見つかりませんでした。

ログインしてAI POCを生成

III. CVE-2022-22173のインテリジェンス情報

登录查看更多情报信息。

Same Patch Batch · Juniper Networks · 2022-01-19 · 27 CVEs total

CVE-2022-221527.7 HIGHContrail Service Orchestration: Tenants able to see other tenants policies via REST API in
CVE-2022-221537.5 HIGHSRX Series and MX Series with SPC3: A high percentage of fragments might lead to high late
CVE-2022-221807.5 HIGHJunos OS: EX2300 Series, EX2300-MP Series, EX3400 Series: A slow memory leak due to proces
CVE-2022-221787.5 HIGHJunos OS: MX and SRX series: Flowd core observed if the SIP ALG is enabled and a specific
CVE-2022-221757.5 HIGHJunos OS: MX Series and SRX Series: The flowd daemon will crash if the SIP ALG is enabled
CVE-2022-221747.5 HIGHJunos OS: QFX5000 Series, EX4600: Device may run out of memory, causing traffic loss, upon
CVE-2022-221717.5 HIGHJunos OS: Specific packets over VXLAN cause FPC reset
CVE-2022-221707.5 HIGHJunos OS: Specific packets over VXLAN cause FPC memory leak and ultimately reset
CVE-2022-221617.5 HIGHJunos OS: MX104 might become unresponsive if the out-of-band management port receives a fl
CVE-2022-221597.5 HIGHJunos OS: An attacker sending crafted packets can cause a traffic and CPU Denial of Servic
CVE-2022-221637.4 HIGHJunos OS: jdhcpd crashes upon receipt of a specific DHCPv6 packet
CVE-2022-221767.4 HIGHJunos OS: In a scenario with dhcp-security and option-82 configured jdhcpd crashes upon re
CVE-2022-221627.3 HIGHJunos OS: A low privileged user can elevate their privileges to the ones of the highest pr
CVE-2022-221677.2 HIGHJunos OS: SRX Series: If no-syn-check is enabled, traffic classified as UNKNOWN gets permi
CVE-2022-221577.2 HIGHJunos OS: SRX Series: Traffic classification vulnerability when 'no-syn-check' is enabled
CVE-2022-221546.8 MEDIUMJunos Fusion: A Satellite Device can be controlled by rewiring it to a foreign AD causing
CVE-2022-221686.5 MEDIUMJunos OS: vMX and MX150: Specific packets might cause a memory leak and eventually an FPC
CVE-2022-221606.5 MEDIUMJunos OS: MX Series: The bbe-smgd process crashes if an unsupported configuration exists a
CVE-2022-221666.5 MEDIUMJunos OS: An rpd core will occur if BGP update tracing is configured and an update contain
CVE-2022-221726.5 MEDIUMJunos OS and Junos OS Evolved: An l2cpd memory leak can occur when specific LLDP packets a

Showing 20 of 27 CVEs. View all on vendor page →

IV. 関連脆弱性

同じ製品: Junos OS
同じベンダー: Juniper Networks
同じ弱点: CWE-401

V. CVE-2022-22173へのコメント

まだコメントはありません

コメントを残す