CVE-2022-22153
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 3.6
Source: NVD
Description
An Insufficient Algorithmic Complexity combined with an Allocation of Resources Without Limits or Throttling vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX Series and MX Series with SPC3 allows an unauthenticated network attacker to cause latency in transit packet processing and even packet loss. If transit traffic includes a significant percentage (> 5%) of fragmented packets which need to be reassembled, high latency or packet drops might be observed. This issue affects Juniper Networks Junos OS on SRX Series, MX Series with SPC3: All versions prior to 18.2R3; 18.3 versions prior to 18.3R3; 18.4 versions prior to 18.4R2-S9, 18.4R3; 19.1 versions prior to 19.1R2; 19.2 versions prior to 19.2R1-S1, 19.2R2.
Affected (60)
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Before 18.2 |
| Running on/with | Platform Versions |
|---|---|
Juniper Mx10 | All versions |
Juniper Mx10000 | All versions |
Juniper Mx10003 | All versions |
Juniper Mx10008 | All versions |
Juniper Mx10016 | All versions |
Juniper Mx104 | All versions |
Juniper Mx150 | All versions |
Juniper Mx2008 | All versions |
Juniper Mx2010 | All versions |
Juniper Mx2020 | All versions |
Juniper Mx204 | All versions |
Juniper Mx240 | All versions |
Juniper Mx40 | All versions |
Juniper Mx480 | All versions |
Juniper Mx5 | All versions |
Juniper Mx80 | All versions |
Juniper Mx960 | All versions |
Juniper Srx100 | All versions |
Juniper Srx110 | All versions |
Juniper Srx1400 | All versions |
Juniper Srx1500 | All versions |
Juniper Srx210 | All versions |
Juniper Srx220 | All versions |
Juniper Srx240 | All versions |
Juniper Srx240h2 | All versions |
Juniper Srx300 | All versions |
Juniper Srx320 | All versions |
Juniper Srx340 | All versions |
Juniper Srx3400 | All versions |
Juniper Srx345 | All versions |
Juniper Srx3600 | All versions |
Juniper Srx380 | All versions |
Juniper Srx4000 | All versions |
Juniper Srx4100 | All versions |
Juniper Srx4200 | All versions |
Juniper Srx4600 | All versions |
Juniper Srx5000 | All versions |
Juniper Srx5400 | All versions |
Juniper Srx550 | All versions |
Juniper Srx550 Hm | All versions |
Juniper Srx550m | All versions |
Juniper Srx5600 | All versions |
Juniper Srx5800 | All versions |
Juniper Srx650 | All versions |
Related CWEs
CWE-407
Inefficient Algorithmic Complexity
An algorithm in a product has an inefficient worst-case computational complexity that may be detrimental to system performance and can be triggered by an attacker, typically using crafted manipulations that ensure that the worst case is being reached.
CWE-770
Allocation of Resources Without Limits or Throttling
The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.
References (2)
Timeline
No history available yet.