CVE-2022-22204

Published: 20/07/2022 Updated: 27/07/2022
CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9
VMScore: 0

Vulnerability Summary

An Improper Release of Memory Before Removing Last Reference vulnerability in the Session Initiation Protocol (SIP) Application Layer Gateway (ALG) of Juniper Networks Junos OS allows an unauthenticated network-based malicious user to cause a partial Denial of Service (DoS). On all MX and SRX platforms, if the SIP ALG is enabled, receipt of a specific SIP packet will create a stale SIP entry. Sustained receipt of such packets will cause the SIP call table to eventually fill up and cause a DoS for all SIP traffic. The SIP call usage can be monitored with "show security alg sip calls".

To be affected, the SIP ALG needs to be enabled, either implicitly / by default or by way of configuration.

Please verify on SRX with:

    user@host> show security alg status | match sip
    SIP : Enabled

Please verify on MX whether the following is configured:

    [ services ... rule <rule-name> (term <term-name>) from/match application/application-set <name> ]

where either
a. name = junos-sip
or an application or application-set refers to SIP:
b. [ applications application <name> application-protocol sip ]
or
c. [ applications application-set <name> application junos-sip ]

This issue affects Juniper Networks Junos OS on SRX Series and MX Series:
20.4 versions before 20.4R3-S2;
21.1 versions before 21.1R3-S2;
21.2 versions before 21.2R2-S2;
21.2 versions before 21.2R3;
21.3 versions before 21.3R2;
21.4 versions before 21.4R2.

This issue does not affect Juniper Networks Junos OS versions before 20.4R1.

Juniper SIRT is not aware of any malicious exploitation of this vulnerability.
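The two exposure conditions in the summary (an affected release and the SIP ALG in use) can be checked mechanically across a device inventory. The following is an added example, not code from Juniper or from this page; the function names and sample inputs are assumptions, and the MX check is only a text heuristic over the configuration.

```python
import re

# First fixed release (R, S) per train, from the advisory text. For 21.2 the
# advisory lists 21.2R2-S2 and 21.2R3; the earlier one is the threshold.
FIXED = {"20.4": (3, 2), "21.1": (3, 2), "21.2": (2, 2),
         "21.3": (2, 0), "21.4": (2, 0)}
VERSION_RE = re.compile(r"^(\d+\.\d+)R(\d+)(?:-S(\d+))?")


def parse_version(version):
    """Split e.g. '20.4R3-S1.4' into ('20.4', (3, 1)); build suffix ignored."""
    m = VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised Junos version: {version!r}")
    return m.group(1), (int(m.group(2)), int(m.group(3) or 0))


def version_affected(version):
    """True if the release is in a listed train and older than its fix.
    Trains the advisory does not list are treated as unaffected (assumption)."""
    train, release = parse_version(version)
    return train in FIXED and release < FIXED[train]


def srx_sip_alg_enabled(cli_output):
    """Parse 'show security alg status | match sip' output from an SRX."""
    m = re.search(r"^\s*SIP\s*:\s*(\w+)", cli_output, re.MULTILINE)
    return bool(m) and m.group(1).lower() == "enabled"


def mx_references_sip(config_text):
    """Heuristic: config mentions junos-sip or 'application-protocol sip'.
    It does not confirm that a services rule actually uses the application."""
    return bool(re.search(r"\bjunos-sip\b|application-protocol\s+sip\b", config_text))


def exposed(version, sip_in_use):
    """Both conditions from the advisory: affected release and SIP ALG in use."""
    return version_affected(version) and sip_in_use


# Constructed sample inputs (not captured from a real device).
SRX_OUT = "  SIP      : Enabled\n"
MX_CFG = "applications {\n    application my-sip {\n        application-protocol sip;\n    }\n}\n"

if __name__ == "__main__":
    print(exposed("20.4R3-S1.4", srx_sip_alg_enabled(SRX_OUT)))
    print(exposed("21.2R3", mx_references_sip(MX_CFG)))
```

A device flagged by the MX heuristic still needs the services rule reviewed by hand to confirm the SIP application is actually matched.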

Vulnerable Product

juniper junos 20.4

juniper junos 21.1

juniper junos 21.2

juniper junos 21.3

juniper junos 21.4

Github Repositories

In this repository, you will find the scripts and programs that I have developed and will develop in the future. My goal is to learn ethical hacking and therefore these files are mostly related to machines on Hack the box.

Welcome to my Ethical Hacking Journey. In this repository, you will find the scripts and programs that I have developed and will develop in the future. My goal is to learn ethical hacking and therefore these files are mostly related to machines on Hack the box. Here is the current list of files:
- CVE-2022-22204: a python script to embed reverse shell payloads in images
- Text_To