Learn about CVE-2022-22185, a Denial of Service vulnerability in Juniper Networks Junos OS on SRX Series, allowing unauthenticated attackers to trigger a DoS condition.
A vulnerability in Juniper Networks Junos OS on SRX Series allows a network-based, unauthenticated attacker to trigger a Denial of Service (DoS) by sending a specific fragmented packet to the device. The packet crashes flowd, the process that manages packet forwarding.
Understanding CVE-2022-22185
This CVE affects Juniper Networks Junos OS on SRX Series.
What is CVE-2022-22185?
CVE-2022-22185 is a Denial of Service (DoS) vulnerability in Juniper Networks Junos OS on SRX Series, specifically impacting the flowd daemon upon receipt of a specific fragmented packet.
The Impact of CVE-2022-22185
The vulnerability allows an unauthenticated attacker to cause a DoS condition by sending a specific fragmented packet to the device, which crashes the flowd process; continued receipt of the same packet sustains the DoS condition.
Technical Details of CVE-2022-22185
Vulnerability Description
The issue affects SRX Series devices running the affected Junos OS versions, and only when the 'preserve-incoming-fragment-size' feature is enabled.
Affected Systems and Versions
Juniper Networks Junos OS on SRX Series is affected in the following versions:
18.3 versions prior to 18.3R3-S6;
18.4 versions prior to 18.4R3-S10;
19.1 versions prior to 19.1R3-S7;
19.2 versions prior to 19.2R3-S4;
19.3 versions prior to 19.3R3-S4;
19.4 versions prior to 19.4R3-S6;
20.1 versions prior to 20.1R3-S2;
20.2 versions prior to 20.2R3-S3;
20.3 versions prior to 20.3R3-S1;
20.4 versions prior to 20.4R3;
21.1 versions prior to 21.1R2-S1 and 21.1R3;
21.2 versions prior to 21.2R2.
Exploitation Mechanism
Juniper SIRT has not detected any malicious exploitation of this vulnerability.
Mitigation and Prevention
Immediate Steps to Take
Administrators can mitigate the issue by removing the 'preserve-incoming-fragment-size' statement from the configuration, which disables the feature.
Long-Term Security Practices
Regularly update Junos OS to the patched versions provided by Juniper Networks to prevent potential DoS attacks.
Patching and Updates
Ensure that Juniper Networks Junos OS on SRX Series is updated to the following fixed versions: 18.3R3-S6, 18.4R3-S10, 19.1R3-S7, 19.2R3-S4, 19.3R3-S4, 19.4R3-S6, 20.1R3-S2, 20.2R3-S3, 20.3R3-S1, 20.4R3, 21.1R2-S1, 21.1R3, 21.2R2, 21.3R1, or any subsequent releases.
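The following script is an added example, not code from the page or from Juniper, that turns the affected and fixed version lists above and the configuration workaround into a repeatable check a defender can run against a saved 'show configuration | display set' export. It compares a device's Junos release against the first fixed release on its train and reports whether the 'preserve-incoming-fragment-size' knob is active. The configuration hierarchy used for that knob ('set security flow preserve-incoming-fragment-size') is an assumption, since the page names only the feature; the sample configuration is constructed.

```python
import re
from typing import Dict, Optional, Tuple

# First fixed release on each train, taken from the advisory text above.
FIXED_RELEASES = [
    "18.3R3-S6", "18.4R3-S10", "19.1R3-S7", "19.2R3-S4", "19.3R3-S4",
    "19.4R3-S6", "20.1R3-S2", "20.2R3-S3", "20.3R3-S1", "20.4R3",
    "21.1R2-S1", "21.1R3", "21.2R2", "21.3R1",
]

# Assumed configuration path for the feature; the page names only the knob.
FEATURE_PATH = "security flow preserve-incoming-fragment-size"

# Junos release strings look like 18.4R3-S10 or 20.4R2.7 (trailing build number).
VERSION_RE = re.compile(r"(\d+)\.(\d+)R(\d+)(?:-S(\d+))?(?:\.\d+)?")

def parse_version(v: str) -> Tuple[int, int, int, int]:
    """'18.4R3-S10' -> (18, 4, 3, 10); '20.4R3' -> (20, 4, 3, 0); build suffix ignored."""
    m = VERSION_RE.fullmatch(v.strip())
    if not m:
        raise ValueError(f"unrecognised Junos version string: {v!r}")
    major, minor, r, s = m.groups()
    return (int(major), int(minor), int(r), int(s or 0))

# Lowest fixed release per train, e.g. {(21, 1): (21, 1, 2, 1)}.
FIRST_FIX: Dict[Tuple[int, int], Tuple[int, int, int, int]] = {}
for _rel in FIXED_RELEASES:
    _t = parse_version(_rel)
    if _t[:2] not in FIRST_FIX or _t < FIRST_FIX[_t[:2]]:
        FIRST_FIX[_t[:2]] = _t

def version_status(v: str) -> str:
    """'affected', 'fixed', or 'not listed' (train absent from the advisory)."""
    t = parse_version(v)
    train = t[:2]
    if train in FIRST_FIX:
        return "fixed" if t >= FIRST_FIX[train] else "affected"
    if train > max(FIRST_FIX):
        return "fixed"  # trains after 21.3 are 'subsequent releases' per the advisory
    return "not listed"

def version_from_config(config_text: str) -> Optional[str]:
    """Pull the release from a 'set version ...' line, if present."""
    for line in config_text.splitlines():
        parts = line.split()
        if len(parts) == 3 and parts[:2] == ["set", "version"]:
            return parts[2]
    return None

def feature_enabled(config_text: str) -> bool:
    """True when the knob is configured and not deactivated."""
    present = deactivated = False
    for line in config_text.splitlines():
        stripped = line.strip()
        if stripped == f"set {FEATURE_PATH}":
            present = True
        elif stripped == f"deactivate {FEATURE_PATH}":
            deactivated = True
    return present and not deactivated

def assess(config_text: str, version: Optional[str] = None) -> dict:
    """Combine the version check and the configuration check into one verdict."""
    version = version or version_from_config(config_text)
    if version is None:
        raise ValueError("no version supplied and none found in configuration")
    status = version_status(version)
    enabled = feature_enabled(config_text)
    return {
        "version": version,
        "status": status,
        "feature_enabled": enabled,
        # Exposed only when both conditions hold: affected release and knob active.
        "exposed": status == "affected" and enabled,
    }

# Constructed sample export; not from any real device.
SAMPLE_CONFIG = """\
set version 20.4R2.7
set system host-name srx-lab
set security flow preserve-incoming-fragment-size
"""

if __name__ == "__main__":
    print(assess(SAMPLE_CONFIG))
```

The verdict key 'exposed' is what matters operationally: a device on a fixed release with the knob still set is not exposed to this issue, and neither is an affected release with the knob absent or deactivated; only the combination warrants the workaround or an upgrade.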