CVE-2022-22206— Junos OS: SRX series: The PFE will crash when specific traffic is scanned by Enhanced Web Filtering safe-search

CVSS 7.5 · High EPSS 0.61% · P70 Updated Feb 25, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2022-22206

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Junos OS: SRX series: The PFE will crash when specific traffic is scanned by Enhanced Web Filtering safe-search

Source: NVD (National Vulnerability Database)

Vulnerability Description

A Buffer Overflow vulnerability in the PFE of Juniper Networks Junos OS on SRX series allows an unauthenticated network based attacker to cause a Denial of Service (DoS). The PFE will crash when specific traffic is scanned by Enhanced Web Filtering safe-search feature of UTM (Unified Threat management). Continued receipt of this specific traffic will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS: 20.2 versions prior to 20.2R3-S4 on SRX Series; 20.3 versions prior to 20.3R3-S3 on SRX Series; 20.4 versions prior to 20.4R3-S3 on SRX Series; 21.1 versions prior to 21.1R3-S1 on SRX Series; 21.2 versions prior to 21.2R2-S2, 21.2R3 on SRX Series; 21.3 versions prior to 21.3R2 on SRX Series; 21.4 versions prior to 21.4R2 on SRX Series. This issue does not affect Juniper Networks Junos OS versions prior to 20.2R1.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Juniper Networks Junos OS SRX 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Juniper Networks Junos OS是美国瞻博网络（Juniper Networks）公司的一套专用于该公司的硬件设备的网络操作系统。该操作系统提供了安全编程接口和Junos SDK。 Juniper Networks Junos OS SRX 20.2、20.3、20.4、21.1、21.2、21.3、21.4版本存在安全漏洞，攻击者利用该漏洞可以通过增强的 Web 过滤安全搜索导致 Junos OS 的致命错误，以触发拒绝服务。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Juniper Networks	Junos OS	20.2 ~ 20.2R3-S4	-
Juniper Networks	Junos OS	unspecified ~ 20.2R1	-

II. Public POCs for CVE-2022-22206

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2022-22206

请登录查看更多情报信息。

https://kb.juniper.net/JSA69710x_refsource_CONFIRM
https://nvd.nist.gov/vuln/detail/CVE-2022-22206

Same Patch Batch · Juniper Networks · 2022-07-20 · 15 CVEs total

CVE-2022-22221	7.8 HIGH	Junos OS: SRX and EX Series: Local privilege escalation flaw in "download" functionality
CVE-2022-22205	7.5 HIGH	Junos OS: SRX Series: An FPC memory leak can occur in an APBR scenario
CVE-2022-22207	7.5 HIGH	Junos OS: MX Series with MPC11: In a GNF / node slicing scenario gathering AF interface st
CVE-2022-22209	7.5 HIGH	Junos OS: RIB and PFEs can get out of sync due to a memory leak caused by interface flaps
CVE-2022-22212	7.5 HIGH	Junos OS Evolved: A high rate of specific hostbound traffic will cause unexpected hostboun
CVE-2022-22202	6.5 MEDIUM	Junos OS: PTX Series: FPCs may restart unexpectedly upon receipt of specific MPLS packets
CVE-2022-22203	6.5 MEDIUM	Junos OS: EX4600 Series and QFX5000 Series: Receipt of specific traffic will lead to an fx
CVE-2022-22210	6.5 MEDIUM	Junos OS: QFX5000 Series and MX Series: An l2alm crash leading to an FPC crash can be obse
CVE-2022-22214	6.5 MEDIUM	Junos OS and Junos OS Evolved: In an MPLS scenario upon receipt of a specific IPv6 packet
CVE-2022-22215	6.5 MEDIUM	Junos OS and Junos OS Evolved: /var/run/<pid>.env files are potentially not deleted during
CVE-2022-22217	6.1 MEDIUM	Junos OS: QFX10K Series: Denial of Service (DoS) upon receipt of crafted MLD packets on mu
CVE-2022-22213	5.9 MEDIUM	Junos OS and Junos OS Evolved: Denial of Service (DoS) vulnerability in RPD upon receipt o
CVE-2022-22204	5.3 MEDIUM	Junos OS: MX Series and SRX Series: When receiving a specific SIP packets stale call table
CVE-2022-22216	4.3 MEDIUM	Junos OS: PTX Series and QFX10000 Series: 'Etherleak' memory disclosure in Ethernet paddin

IV. Related Vulnerabilities

Same product: Junos OS

Same vendor: Juniper Networks

V. Comments for CVE-2022-22206

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2022-22206— Junos OS: SRX series: The PFE will crash when specific traffic is scanned by Enhanced Web Filtering safe-search

I. Basic Information for CVE-2022-22206

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2022-22206

III. Intelligence Information for CVE-2022-22206

Same Patch Batch · Juniper Networks · 2022-07-20 · 15 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2022-22206

Leave a comment