Vulnerability Details CVE-2022-22183
An Improper Access Control vulnerability in Juniper Networks Junos OS Evolved allows a network-based unauthenticated attacker who is able to connect to a specific open IPv4 port, which in affected releases should otherwise be unreachable, to cause the CPU to consume all resources as more traffic is sent to the port to create a Denial of Service (DoS) condition. Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS Evolved 20.4 versions prior to 20.4R3-S2-EVO; 21.1 versions prior to 21.1R3-S1-EVO; 21.2 versions prior to 21.2R3-EVO; 21.3 versions prior to 21.3R2-EVO; 21.4 versions prior to 21.4R2-EVO. This issue does not affect Junos OS.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.012
EPSS Ranking 77.6%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 7.8
Products affected by CVE-2022-22183
-
cpe:2.3:o:juniper:junos_os_evolved:20.4
-
cpe:2.3:o:juniper:junos_os_evolved:21.1
-
cpe:2.3:o:juniper:junos_os_evolved:21.2
-
cpe:2.3:o:juniper:junos_os_evolved:21.3
-
cpe:2.3:o:juniper:junos_os_evolved:21.4