Published: 19/01/2022 Updated: 28/01/2022

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 446

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

An Insufficient Algorithmic Complexity combined with an Allocation of Resources Without Limits or Throttling vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX Series and MX Series with SPC3 allows an unauthenticated network malicious user to cause latency in transit packet processing and even packet loss. If transit traffic includes a significant percentage (> 5%) of fragmented packets which need to be reassembled, high latency or packet drops might be observed. This issue affects Juniper Networks Junos OS on SRX Series, MX Series with SPC3: All versions before 18.2R3; 18.3 versions before 18.3R3; 18.4 versions before 18.4R2-S9, 18.4R3; 19.1 versions before 19.1R2; 19.2 versions before 19.2R1-S1, 19.2R2.

Vulnerable Product	Search on Vulmon	Subscribe to Product
juniper junos
juniper junos 18.2
juniper junos 18.3
juniper junos 18.4
juniper junos 19.1
juniper junos 19.2

CWE-407 CWE-770 https://kb.juniper.net/JSA11261 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2022-22153

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect