An Access of Uninitialized Pointer vulnerability in the SIP ALG of Juniper Networks Junos OS allows an unauthenticated network-based attacker to cause a Denial of Service (DoS). This issue affects Juniper Networks Junos OS on MX Series and SRX Series.
Understanding CVE-2022-22198
This CVE describes a vulnerability in the SIP ALG of Juniper Networks Junos OS that could lead to a Denial of Service (DoS) attack.
What is CVE-2022-22198?
CVE-2022-22198 is an Access of Uninitialized Pointer vulnerability that allows an unauthenticated attacker to trigger a DoS condition on affected devices running Juniper Networks Junos OS.
The Impact of CVE-2022-22198
The vulnerability has a CVSS base score of 7.5, indicating a high severity. It could result in a sustained Denial of Service condition, affecting the availability of services.
Technical Details of CVE-2022-22198
Vulnerability Description
If the SIP ALG is enabled on MX or SRX platforms, an attacker can crash MS-MPC, MS-MIC, or SPC components by sending specific SIP messages with a particular Contact header format.
Affected Systems and Versions
Exploitation Mechanism
Juniper SIRT has not detected any instances of malicious exploitation related to this vulnerability.
Mitigation and Prevention
Immediate Steps to Take
Upgrade to the following software releases to address the issue: 20.4R3, 21.1R2-S1, 21.1R3, 21.2R2, 21.3R1, or subsequent releases.
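To triage an inventory against the fixed releases listed above, the following added example (not code from Juniper or from the original page) classifies a Junos version string as fixed, below the fix for its train, or unknown. The function names, hostnames and sample versions are constructed for illustration; only standard "R" release naming is parsed, and trains older than 20.4 are reported as unknown because this page lists no fixed release for them.

```python
import re

# Fixed releases exactly as listed on this page, keyed by release train.
# Each entry is (R number, S number); S = 0 means the plain Rn release.
FIXED = {
    (20, 4): [(3, 0)],          # 20.4R3
    (21, 1): [(2, 1), (3, 0)],  # 21.1R2-S1, 21.1R3
    (21, 2): [(2, 0)],          # 21.2R2
    (21, 3): [(1, 0)],          # 21.3R1
}

# Matches standard releases such as 20.4R3, 21.1R2-S1 or 20.4R3-S2.6
# (a trailing build number like ".6" is ignored for this comparison).
_VERSION = re.compile(r"^(\d+)\.(\d+)R(\d+)(?:-S(\d+))?(?:\.\d+)?$")


def parse_release(version):
    """Return ((major, minor), (r, s)) or None for formats not handled here."""
    m = _VERSION.match(version.strip())
    if not m:
        return None
    major, minor, r, s = m.groups()
    return (int(major), int(minor)), (int(r), int(s or 0))


def release_status(version):
    """Classify a release as 'fixed', 'below-fix' or 'unknown'."""
    parsed = parse_release(version)
    if parsed is None:
        return "unknown"            # naming scheme not handled by this example
    train, level = parsed
    if train > max(FIXED):
        return "fixed"              # "or subsequent releases"
    if train not in FIXED:
        return "unknown"            # page lists no fix for this train
    fixes = FIXED[train]
    # A service release (Rn-Sm) fixes only its own Rn line; the highest
    # listed release also covers everything after it in the train.
    same_line = any(level[0] == r and level[1] >= s for r, s in fixes)
    return "fixed" if same_line or level >= max(fixes) else "below-fix"


if __name__ == "__main__":
    # Constructed inventory: hostnames and versions are sample values.
    for host, ver in [("mx-edge-1", "20.4R2-S1.3"), ("srx-dc-1", "21.1R2-S1"),
                      ("srx-br-7", "21.1R2.5"), ("mx-core-2", "22.2R1")]:
        print(f"{host:10} {ver:14} {release_status(ver)}")
```

A result of "unknown" means the device needs a manual check against the vendor advisory, not that it is unaffected.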
Long-Term Security Practices
Consider disabling the SIP ALG if it is not essential to your network operations.
Patching and Updates
No viable workarounds exist for this issue other than applying the software updates mentioned above.