Rewterz Threat Advisory – Multiple Cisco Products Vulnerabilities
January 17, 2022Rewterz Threat Alert – APT32 Ocean Lotus – Active IOCs
January 17, 2022Severity
High
Analysis Summary
CVE-2022-22160
Juniper Networks Junos OS is vulnerable to a denial of service, caused by an unchecked error condition vulnerability in the subscriber management daemon (smgd). By sending s specially-crafted request, a remote attacker could exploit this vulnerability to cause a crash.
CVE-2022-22159
Juniper Networks Junos OS is vulnerable to a denial of service, caused by a vulnerability in the NETISR network queue functionality. By sending crafted genuine packets, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2022-22167
Juniper Networks Junos OS could allow a remote attacker to bypass security restrictions, caused by a traffic classification vulnerability. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass Juniper Deep Packet Inspection (JDPI) rules.
CVE-2022-22156
Juniper Networks Junos OS is vulnerable to a man-in-the-middle attack, caused by an improper certificate validation weakness. An attacker could exploit this vulnerability to compromise the integrity and confidentiality.
CVE-2022-22155
Juniper Networks Junos OS is vulnerable to a denial of service, caused by an uncontrolled resource consumption vulnerability in the handling of IPv6 neighbor state change events. By sending a specially-crafted request, an attacker could exploit this vulnerability to cause a denial of service.
CVE-2022-22154
Juniper Networks Junos OS is vulnerable to a denial of service, caused by a junos fusion scenario an external control of critical state data vulnerability in the Satellite Device (SD) control state machine. By making physical changes to the cabling of the device, a local attacker could exploit this vulnerability to cause a denial of service.
CVE-2022-22153
Juniper Networks Junos OS is vulnerable to a denial of service, caused by an insufficient algorithmic complexity combined with an allocation of resources without limits or throttling vulnerability in the flow processing daemon (flowd). By sending a specially-crafted request, an attacker could exploit this vulnerability to cause latency in transit packet processing and even packet loss.
CVE-2022-22180
Juniper Networks Junos OS is vulnerable to a denial of service, caused by a memory leak flaw in the processing of specific IPv6 packets. By sending specially-crafted packets, a remote attacker could exploit this vulnerability to exhaust DMA memory, and results in a denial of service condition.
CVE-2022-22178
Juniper Networks Junos OS is vulnerable to a denial of service, caused by a stack-based buffer overflow in the flow processing daemon (flowd). By sending specially-crafted packets, a remote attacker could exploit this vulnerability to cause flowd to crash, and results in a denial of service condition.
CVE-2022-22177
Juniper Networks Junos OS and Junos OS Evolved are vulnerable to a denial of service, caused by a release of illegal memory flaw in the snmpd daemon. By sending specially-crafted packets, a remote attacker could exploit this vulnerability to halt the snmpd daemon, and results in a denial of service condition.
CVE-2022-22176
Juniper Networks Junos OS is vulnerable to a denial of service, caused by improper input validation by the Juniper DHCP daemon (jdhcpd). By sending a specially-crafted DHCP packet, a remote attacker could exploit this vulnerability to cause jdhcpd to crash, and results in a denial of service condition.
CVE-2022-22175
Juniper Networks Junos OS is vulnerable to a denial of service, caused by an improper locking flaw in the SIP ALG. By sending specially-crafted packets, a remote attacker could exploit this vulnerability to cause a flowprocessing daemon (flowd) crash, and results in a denial of service condition.
Impact
- Denial of Service
- Security Bypass
- Unauthorized Access
Affected Vendors
Juniper
Affected Products
- Juniper Junos 16.1
- Juniper Junos 19.1
- Juniper Junos 19.2
- Juniper Junos 19.3
- Juniper Junos 17.3
- Juniper Junos 17.4
- Juniper Junos 18.1
- Juniper Junos 18.2
- Juniper Junos 19.4
- Juniper Junos 16.1R1
- Juniper Networks Junos OS 18.4
- Juniper Networks Junos OS 19.1
- Juniper Networks Junos OS 19.2
- Juniper Networks Junos OS 19.3
- Juniper Networks MX Series
- Juniper Networks SRX Series
- Juniper Networks Junos OS 20.4
- Juniper Networks Junos OS 21.1
- Juniper Networks Junos OS 15.1
- Juniper Networks Junos OS 18.3
Remediation
Refer to Juniper Networks Security Bulletin for patch, upgrade or suggested workaround information.
CVE-2022-22160
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11268&cat=SIRT_1&actp=LIST
CVE-2022-22159
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11268&cat=SIRT_1&actp=LIST
CVE-2022-22167
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11265&cat=SIRT_1&actp=LIST
CVE-2022-22156
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11265&cat=SIRT_1&actp=LIST
CVE-2022-22155
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11263&cat=SIRT_1&actp=LIST
CVE-2022-22154
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11262&cat=SIRT_1&actp=LIST
CVE-2022-22153
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11261&cat=SIRT_1&actp=LIST
CVE-2022-22180
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11286&cat=SIRT_1&actp=LIST
CVE-2022-22178
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11285&cat=SIRT_1&actp=LIST
CVE-2022-22177
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11283&cat=SIRT_1&actp=LIST
CVE-2022-22176
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11282&cat=SIRT_1&actp=LIST
CVE-2022-22175