{"containers": {"cna": {"affected": [{"platforms": ["EX4650 Series"], "product": "Junos OS", "vendor": "Juniper Networks", "versions": [{"lessThan": "19.1R3-S8", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"lessThan": "19.2R3-S5", "status": "affected", "version": "19.2", "versionType": "custom"}, {"lessThan": "19.3R3-S5", "status": "affected", "version": "19.3", "versionType": "custom"}, {"lessThan": "19.4R3-S7", "status": "affected", "version": "19.4", "versionType": "custom"}, {"lessThan": "20.1R3-S3", "status": "affected", "version": "20.1", "versionType": "custom"}, {"lessThan": "20.2R3-S4", "status": "affected", "version": "20.2", "versionType": "custom"}, {"lessThan": "20.3R3-S3", "status": "affected", "version": "20.3", "versionType": "custom"}, {"lessThan": "20.4R3-S2", "status": "affected", "version": "20.4", "versionType": "custom"}, {"lessThan": "21.1R3-S1", "status": "affected", "version": "21.1", "versionType": "custom"}, {"lessThan": "21.2R3", "status": "affected", "version": "21.2", "versionType": "custom"}, {"lessThan": "21.3R2", "status": "affected", "version": "21.3", "versionType": "custom"}, {"lessThan": "21.4R2", "status": "affected", "version": "21.4", "versionType": "custom"}]}], "datePublic": "2022-04-13T00:00:00", "descriptions": [{"lang": "en", "value": "Due to an Improper Initialization vulnerability in Juniper Networks Junos OS on EX4650 devices, packets received on the management interface (em0) but not destined to the device, may be improperly forwarded to an egress interface, instead of being discarded. Such traffic being sent by a client may appear genuine, but is non-standard in nature and should be considered as potentially malicious. This issue affects: Juniper Networks Junos OS on EX4650 Series: All versions prior to 19.1R3-S8; 19.2 versions prior to 19.2R3-S5; 19.3 versions prior to 19.3R3-S5; 19.4 versions prior to 19.4R3-S7; 20.1 versions prior to 20.1R3-S3; 20.2 versions prior to 20.2R3-S4; 20.3 versions prior to 20.3R3-S3; 20.4 versions prior to 20.4R3-S2; 21.1 versions prior to 21.1R3-S1; 21.2 versions prior to 21.2R3; 21.3 versions prior to 21.3R2; 21.4 versions prior to 21.4R2; 22.1 versions prior to 22.1R1."}], "exploits": [{"lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-665", "description": "CWE-665 Improper Initialization", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-04-14T15:50:43", "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://kb.juniper.net/JSA69494"}], "solutions": [{"lang": "en", "value": "The following software releases have been updated to resolve this specific issue: 19.1R3-S8, 19.2R3-S5, 19.3R3-S5, 19.4R3-S7, 20.1R3-S3, 20.2R3-S4, 20.3R3-S3, 20.4R3-S2, 21.1R3-S1, 21.2R3, 21.3R2, 21.4R2, 22.1R1, and all subsequent releases."}], "source": {"advisory": "JSA69494", "defect": ["1628754"], "discovery": "INTERNAL"}, "title": "Junos OS: EX4650 Series: Certain traffic received by the Junos OS device on the management interface may be forwarded to egress interfaces instead of discarded", "workarounds": [{"lang": "en", "value": "Disabling the net.transit_re sysctl flag will also cause management traffic forwarded to the PFE ports to be dropped:\n% sysctl -w net.transit_re=0\n\nNote that sysctl flags do not survive a reboot."}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "sirt@juniper.net", "DATE_PUBLIC": "2022-04-13T16:00:00.000Z", "ID": "CVE-2022-22186", "STATE": "PUBLIC", "TITLE": "Junos OS: EX4650 Series: Certain traffic received by the Junos OS device on the management interface may be forwarded to egress interfaces instead of discarded"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Junos OS", "version": {"version_data": [{"platform": "EX4650 Series", "version_affected": "<", "version_value": "19.1R3-S8"}, {"platform": "EX4650 Series", "version_affected": "<", "version_name": "19.2", "version_value": "19.2R3-S5"}, {"platform": "EX4650 Series", "version_affected": "<", "version_name": "19.3", "version_value": "19.3R3-S5"}, {"platform": "EX4650 Series", "version_affected": "<", "version_name": "19.4", "version_value": "19.4R3-S7"}, {"platform": "EX4650 Series", "version_affected": "<", "version_name": "20.1", "version_value": "20.1R3-S3"}, {"platform": "EX4650 Series", "version_affected": "<", "version_name": "20.2", "version_value": "20.2R3-S4"}, {"platform": "EX4650 Series", "version_affected": "<", "version_name": "20.3", "version_value": "20.3R3-S3"}, {"platform": "EX4650 Series", "version_affected": "<", "version_name": "20.4", "version_value": "20.4R3-S2"}, {"platform": "EX4650 Series", "version_affected": "<", "version_name": "21.1", "version_value": "21.1R3-S1"}, {"platform": "EX4650 Series", "version_affected": "<", "version_name": "21.2", "version_value": "21.2R3"}, {"platform": "EX4650 Series", "version_affected": "<", "version_name": "21.3", "version_value": "21.3R2"}, {"platform": "EX4650 Series", "version_affected": "<", "version_name": "21.4", "version_value": "21.4R2"}]}}]}, "vendor_name": "Juniper Networks"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Due to an Improper Initialization vulnerability in Juniper Networks Junos OS on EX4650 devices, packets received on the management interface (em0) but not destined to the device, may be improperly forwarded to an egress interface, instead of being discarded. Such traffic being sent by a client may appear genuine, but is non-standard in nature and should be considered as potentially malicious. This issue affects: Juniper Networks Junos OS on EX4650 Series: All versions prior to 19.1R3-S8; 19.2 versions prior to 19.2R3-S5; 19.3 versions prior to 19.3R3-S5; 19.4 versions prior to 19.4R3-S7; 20.1 versions prior to 20.1R3-S3; 20.2 versions prior to 20.2R3-S4; 20.3 versions prior to 20.3R3-S3; 20.4 versions prior to 20.4R3-S2; 21.1 versions prior to 21.1R3-S1; 21.2 versions prior to 21.2R3; 21.3 versions prior to 21.3R2; 21.4 versions prior to 21.4R2; 22.1 versions prior to 22.1R1."}]}, "exploit": [{"lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-665 Improper Initialization"}]}]}, "references": {"reference_data": [{"name": "https://kb.juniper.net/JSA69494", "refsource": "CONFIRM", "url": "https://kb.juniper.net/JSA69494"}]}, "solution": [{"lang": "en", "value": "The following software releases have been updated to resolve this specific issue: 19.1R3-S8, 19.2R3-S5, 19.3R3-S5, 19.4R3-S7, 20.1R3-S3, 20.2R3-S4, 20.3R3-S3, 20.4R3-S2, 21.1R3-S1, 21.2R3, 21.3R2, 21.4R2, 22.1R1, and all subsequent releases."}], "source": {"advisory": "JSA69494", "defect": ["1628754"], "discovery": "INTERNAL"}, "work_around": [{"lang": "en", "value": "Disabling the net.transit_re sysctl flag will also cause management traffic forwarded to the PFE ports to be dropped:\n% sysctl -w net.transit_re=0\n\nNote that sysctl flags do not survive a reboot."}]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T03:07:49.601Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://kb.juniper.net/JSA69494"}]}]}, "cveMetadata": {"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "assignerShortName": "juniper", "cveId": "CVE-2022-22186", "datePublished": "2022-04-14T15:50:43.593742Z", "dateReserved": "2021-12-21T00:00:00", "dateUpdated": "2024-09-16T18:24:01.434Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*", "matchCriteriaId": "E46B49AE-2783-4962-9919-A0E1DDFCE4C9", "versionEndExcluding": "19.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.1:-:*:*:*:*:*:*", "matchCriteriaId": "768C0EB7-8456-4BF4-8598-3401A54D21DA", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.1:r1:*:*:*:*:*:*", "matchCriteriaId": "5332B70A-F6B0-4C3B-90E2-5CBFB3326126", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.1:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "81439FE8-5405-45C2-BC04-9823D2009A77", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.1:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "E506138D-043E-485D-B485-94A2AB75F8E7", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.1:r1-s3:*:*:*:*:*:*", "matchCriteriaId": "0EF3C901-3599-463F-BEFB-8858768DC195", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.1:r1-s4:*:*:*:*:*:*", "matchCriteriaId": "CD806778-A995-4A9B-9C05-F4D7B1CB1F7D", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.1:r1-s5:*:*:*:*:*:*", "matchCriteriaId": "02B42BE8-1EF2-47F7-9F10-DE486A017EED", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.1:r1-s6:*:*:*:*:*:*", "matchCriteriaId": "0B372356-D146-420B-95C3-381D0383B595", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.1:r2:*:*:*:*:*:*", "matchCriteriaId": "DCAB79C9-6639-4ED0-BEC9-E7C8229DF977", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.1:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "C8CF858F-84BB-4AEA-B829-FCF22C326160", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.1:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "92292C23-DC38-42F1-97C1-8416BBB60FA9", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.1:r2-s3:*:*:*:*:*:*", "matchCriteriaId": "59E2311C-075A-4C64-B614-728A21B17B1B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.1:r3:*:*:*:*:*:*", "matchCriteriaId": "5405F361-AB96-4477-AA0D-49B874324B39", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.1:r3-s1:*:*:*:*:*:*", "matchCriteriaId": "E45E5421-2F6F-4AF9-8EB1-431A804FC649", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.1:r3-s2:*:*:*:*:*:*", "matchCriteriaId": "93098975-4A06-4A72-8DF0-F2C5E1AF2F77", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.1:r3-s3:*:*:*:*:*:*", "matchCriteriaId": "E1F3AEE4-CEB8-4CAA-A48A-1B4647FFFCDB", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.1:r3-s4:*:*:*:*:*:*", "matchCriteriaId": "69E2DF80-63D8-48DD-BC73-C406B7AA3C7D", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.1:r3-s5:*:*:*:*:*:*", "matchCriteriaId": "8120EAC3-DCCB-4429-A372-C0DAA3270A1F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.1:r3-s6:*:*:*:*:*:*", "matchCriteriaId": "DF81F459-915E-468C-8E82-85F1A601095B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.1:r3-s7:*:*:*:*:*:*", "matchCriteriaId": "9912E998-75FB-4EA0-8E36-0A1C38147AB8", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:-:*:*:*:*:*:*", "matchCriteriaId": "0E7545CE-6300-4E81-B5AF-2BE150C1B190", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:r1:*:*:*:*:*:*", "matchCriteriaId": "4CA3060F-1800-4A06-A453-FB8CE4B65312", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "9A5B337A-727C-4767-AD7B-E0F7F99EB46F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "16FDE60B-7A99-4683-BC14-530B5B005F8B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:r1-s3:*:*:*:*:*:*", "matchCriteriaId": "725D8C27-E4F8-4394-B4EC-B49B6D3C2709", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:r1-s4:*:*:*:*:*:*", "matchCriteriaId": "8233C3AB-470E-4D13-9BFD-C9E90918FD0B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:r1-s5:*:*:*:*:*:*", "matchCriteriaId": "5F7A233A-D4F6-46FA-92E9-2ACE13E4A6A4", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:r1-s6:*:*:*:*:*:*", "matchCriteriaId": "ADCE4EA8-DDBA-4766-BB81-E4DA29723723", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:r1-s7:*:*:*:*:*:*", "matchCriteriaId": "2849078A-447A-4615-94E1-58AF450ED22A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:r2:*:*:*:*:*:*", "matchCriteriaId": "7C71D2FA-B1A4-4004-807F-7B3BB347DF4C", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "9E78E854-DDD3-4D1A-97AB-AEA70B9B811F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:r3:*:*:*:*:*:*", "matchCriteriaId": "512FB3D1-BA5B-4F73-BDB2-49D6889F5473", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:r3-s1:*:*:*:*:*:*", "matchCriteriaId": "7FCBFF57-83A1-4C1C-A38D-7DAB48BCA2EC", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:r3-s2:*:*:*:*:*:*", "matchCriteriaId": "920FE638-BDE6-403D-9083-2BDBF6A3326F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:r3-s3:*:*:*:*:*:*", "matchCriteriaId": "E38CD1E2-41F5-42D1-B915-055A497C576A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:r3-s4:*:*:*:*:*:*", "matchCriteriaId": "0C816B9A-F152-4E5F-8152-73635840A89A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.3:-:*:*:*:*:*:*", "matchCriteriaId": "59006503-B2CA-4F79-AC13-7C5615A74CE5", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.3:r1:*:*:*:*:*:*", "matchCriteriaId": "B8110DA9-54B1-43CF-AACB-76EABE0C9EF6", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.3:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "11B5CC5A-1959-4113-BFCF-E4BA63D918C1", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.3:r2:*:*:*:*:*:*", "matchCriteriaId": "33F08A33-EF80-4D86-9A9A-9DF147B9B6D3", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.3:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "AF24ACBD-5F84-47B2-BFF3-E9A56666269C", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.3:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "3935A586-41BD-4FA5-9596-DED6F0864777", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.3:r2-s3:*:*:*:*:*:*", "matchCriteriaId": "B83FB539-BD7C-4BEE-9022-098F73902F38", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.3:r2-s4:*:*:*:*:*:*", "matchCriteriaId": "7659AC36-A5EA-468A-9793-C1EC914D36F4", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.3:r2-s5:*:*:*:*:*:*", "matchCriteriaId": "E0E018E1-568E-40F2-ADA5-F71509811879", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.3:r2-s6:*:*:*:*:*:*", "matchCriteriaId": "122B09A3-299A-421C-9A6B-B3FEED8E19FA", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.3:r3:*:*:*:*:*:*", "matchCriteriaId": "B9295AF3-A883-47C3-BAF8-3D82F719733E", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.3:r3-s1:*:*:*:*:*:*", "matchCriteriaId": "F09D3262-394A-43D1-A4ED-8887FCB20F87", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.3:r3-s2:*:*:*:*:*:*", "matchCriteriaId": "D3FEA876-302D-4F07-94E6-237C669538F2", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.3:r3-s3:*:*:*:*:*:*", "matchCriteriaId": "B011854A-932C-4D5C-B469-71F72608DFCB", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.3:r3-s4:*:*:*:*:*:*", "matchCriteriaId": "94A44054-B47B-453C-BF0F-9E071EFF6542", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r1:*:*:*:*:*:*", "matchCriteriaId": "DC743EE4-8833-452A-94DB-655BF139F883", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "FE96A8EA-FFE3-4D8F-9266-21899149D634", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "C12A75C6-2D00-4202-B861-00FF71585FA0", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r1-s3:*:*:*:*:*:*", "matchCriteriaId": "70FF3DD4-14CB-435D-8529-0480EB853F60", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r1-s4:*:*:*:*:*:*", "matchCriteriaId": "84429093-AB3C-4C05-B8FA-87D94091820F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r2:*:*:*:*:*:*", "matchCriteriaId": "4DCFA774-96EF-4018-82CF-95C807025C24", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "76022948-4B07-43CB-824C-44E1AB3537CB", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "25446F60-5CB9-4923-BCE8-609AE3CFDFBC", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r2-s3:*:*:*:*:*:*", "matchCriteriaId": "A23E5CEA-EFF5-4641-BC47-BA2D0859F0EE", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r2-s4:*:*:*:*:*:*", "matchCriteriaId": "760E2418-B945-4467-BDAC-7702DDF4C4EE", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r2-s5:*:*:*:*:*:*", "matchCriteriaId": "98097AB6-56CB-42E4-96B4-ABBD4F36553C", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r3:*:*:*:*:*:*", "matchCriteriaId": "758275F3-9457-45A2-8F57-65DCD659FC1B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r3-s1:*:*:*:*:*:*", "matchCriteriaId": "B46CB928-78B5-4D60-B747-9A0988C7060D", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r3-s2:*:*:*:*:*:*", "matchCriteriaId": "ED73BF1A-96E4-49F1-A6AA-7B29DAA6C112", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r3-s3:*:*:*:*:*:*", "matchCriteriaId": "0886EFA6-47E3-4C1D-A278-D3891A487FED", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r3-s4:*:*:*:*:*:*", "matchCriteriaId": "A209EE6F-E676-4172-8FF3-4E03748DEB13", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r3-s5:*:*:*:*:*:*", "matchCriteriaId": "EC395200-9A69-468A-8461-D2219B34AA0E", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r3-s6:*:*:*:*:*:*", "matchCriteriaId": "08584FCD-4593-4590-A988-C862295E618A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r1:*:*:*:*:*:*", "matchCriteriaId": "8328FDE6-9707-4142-B905-3B07C0E28E35", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "41CD982F-E6F2-4951-9F96-A76C142DF08E", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "19FDC05F-5582-4F7E-B628-E58A3C0E7F2F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s3:*:*:*:*:*:*", "matchCriteriaId": "401306D1-E9CE-49C6-8DC9-0E8747B9DC2C", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s4:*:*:*:*:*:*", "matchCriteriaId": "615EAF48-AD53-4CC2-B233-5EA5C0F72CB1", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r2:*:*:*:*:*:*", "matchCriteriaId": "DC8E7547-6649-436D-BC45-184417680C72", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "D9789FF8-D55C-4AF9-A250-E543A0EB826F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "5C238EB1-5A38-4877-8849-4A6D36918B3F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r3:*:*:*:*:*:*", "matchCriteriaId": "C21638A9-6AD8-4347-AA3F-64BC7BD71C0D", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r3-s1:*:*:*:*:*:*", "matchCriteriaId": "D621DB7F-BC6B-4A07-8803-596B3ED11CF2", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r3-s2:*:*:*:*:*:*", "matchCriteriaId": "A5620596-4DEE-41D7-A63F-224D814DAA77", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r1:*:*:*:*:*:*", "matchCriteriaId": "CD07B7E2-F5C2-4610-9133-FDA9E66DFF4F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "D3C23AEB-34DE-44FB-8D64-E69D6E8B7401", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "18DB9401-5A51-4BB3-AC2F-58F58F1C788C", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s3:*:*:*:*:*:*", "matchCriteriaId": "06F53DA5-59AE-403C-9B1E-41CE267D8BB1", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r2:*:*:*:*:*:*", "matchCriteriaId": "3332262F-81DA-4D78-99C9-514CADA46611", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "B46B63A2-1518-4A29-940C-F05624C9658D", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "8E0D4959-3865-42A7-98CD-1103EBD84528", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r2-s3:*:*:*:*:*:*", "matchCriteriaId": "3A58292B-814C-49E7-8D6D-BE26EFB9ADDF", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r3:*:*:*:*:*:*", "matchCriteriaId": "681AE183-7183-46E7-82EA-28C398FA1C3D", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r3-s1:*:*:*:*:*:*", "matchCriteriaId": "8A6E9627-8BF1-4BE8-844B-EE8F1C9478F0", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r3-s2:*:*:*:*:*:*", "matchCriteriaId": "0A80F23B-CD13-4745-BA92-67C23B297A18", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r3-s3:*:*:*:*:*:*", "matchCriteriaId": "67D4004B-1233-4258-9C7A-F05189146B44", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:r1:*:*:*:*:*:*", "matchCriteriaId": "5C9BC697-C7C9-447D-9EBD-E9711462583E", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "7B80433B-57B1-49EF-B1A1-83781D6102E3", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:r2:*:*:*:*:*:*", "matchCriteriaId": "05D8427C-CDDE-4B2F-9CB8-41B9137660E4", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "F3DC01F2-6DFE-4A8E-9962-5E59AA965935", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:r3:*:*:*:*:*:*", "matchCriteriaId": "7DA0E196-925E-4056-B411-E158702D5D4F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:r3-s1:*:*:*:*:*:*", "matchCriteriaId": "E33A522F-E35C-4473-9CBD-9C6E5A831086", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:r3-s2:*:*:*:*:*:*", "matchCriteriaId": "E9AE26EB-699B-4B10-87E2-9E731B820F32", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:*", "matchCriteriaId": "20DDC6B7-BFC4-4F0B-8E68-442C23765BF2", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "037BA01C-3F5C-4503-A633-71765E9EF774", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r2:*:*:*:*:*:*", "matchCriteriaId": "C54B047C-4B38-40C0-9855-067DCF7E48BD", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "38984199-E332-4A9C-A4C0-78083D052E15", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r3:*:*:*:*:*:*", "matchCriteriaId": "09876787-A40A-4340-9C12-8628C325353B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s1:*:*:*:*:*:*", "matchCriteriaId": "41615104-C17E-44DA-AB0D-6E2053BD4EF4", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r1:*:*:*:*:*:*", "matchCriteriaId": "625BA7E6-D2AD-4A48-9B94-24328BE5B06A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "F462F4E3-762C-429F-8D25-5521100DD37C", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r2:*:*:*:*:*:*", "matchCriteriaId": "C0BC9DAC-D6B5-4C5E-8C73-6E550D9A30F5", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "689FE1AE-7A85-4FB6-AB02-E732F23581B6", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "79E56DAC-75AD-4C81-9835-634B40C15DA6", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r3:*:*:*:*:*:*", "matchCriteriaId": "A0040FE2-7ECD-4755-96CE-E899BA298E0C", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*", "matchCriteriaId": "A52AF794-B36B-43A6-82E9-628658624B0A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "3998DC76-F72F-4452-9150-652140B113EB", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "36ED4552-2420-45F9-B6E4-6DA2B2B12870", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r2:*:*:*:*:*:*", "matchCriteriaId": "C28A14E7-7EA0-4757-9764-E39A27CFDFA5", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "4A43752D-A4AF-4B4E-B95B-192E42883A5B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "42986538-E9D0-4C2E-B1C4-A763A4EE451B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:r1:*:*:*:*:*:*", "matchCriteriaId": "CC78A4CB-D617-43FC-BB51-287D2D0C44ED", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "30FF67F8-1E3C-47A8-8859-709B3614BA6E", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "0C7C507E-C85E-4BC6-A3B0-549516BAB524", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*", "matchCriteriaId": "4310D2D9-A8A6-48F8-9384-0A0692A1E1C3", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "9962B01C-C57C-4359-9532-676AB81CE8B0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:juniper:ex4650:-:*:*:*:*:*:*:*", "matchCriteriaId": "2B425BB1-3C78-42B1-A6C1-216E514191F0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Due to an Improper Initialization vulnerability in Juniper Networks Junos OS on EX4650 devices, packets received on the management interface (em0) but not destined to the device, may be improperly forwarded to an egress interface, instead of being discarded. Such traffic being sent by a client may appear genuine, but is non-standard in nature and should be considered as potentially malicious. This issue affects: Juniper Networks Junos OS on EX4650 Series: All versions prior to 19.1R3-S8; 19.2 versions prior to 19.2R3-S5; 19.3 versions prior to 19.3R3-S5; 19.4 versions prior to 19.4R3-S7; 20.1 versions prior to 20.1R3-S3; 20.2 versions prior to 20.2R3-S4; 20.3 versions prior to 20.3R3-S3; 20.4 versions prior to 20.4R3-S2; 21.1 versions prior to 21.1R3-S1; 21.2 versions prior to 21.2R3; 21.3 versions prior to 21.3R2; 21.4 versions prior to 21.4R2; 22.1 versions prior to 22.1R1."}, {"lang": "es", "value": "Debido a una vulnerabilidad de Inicializaci\u00f3n Inapropiada en Juniper Networks Junos OS en dispositivos EX4650, los paquetes recibidos en la interfaz de administraci\u00f3n (em0), pero que no est\u00e1n destinados al dispositivo, pueden reenviarse incorrectamente a una interfaz de salida, en lugar de descartarse. Este tr\u00e1fico enviado por un cliente puede parecer genuino, pero no es de naturaleza est\u00e1ndar y debe considerarse como potencialmente malicioso. Este problema afecta a: Juniper Networks Junos OS en la serie EX4650: Todas las versiones anteriores a 19.1R3-S8; las versiones 19.2 anteriores a 19.2R3-S5; las versiones 19.3 anteriores a 19.3R3-S5; las versiones 19.4 anteriores a 19.4R3-S7; las versiones 20.1 anteriores a 20.1R3-S3; las versiones 20.2 anteriores a 20.2R3-S4; las versiones 20. 3 versiones anteriores a 20.3R3-S3; 20.4 versiones anteriores a 20.4R3-S2; 21.1 versiones anteriores a 21.1R3-S1; 21.2 versiones anteriores a 21.2R3; 21.3 versiones anteriores a 21.3R2; 21.4 versiones anteriores a 21.4R2; 22.1 versiones anteriores a 22.1R1"}], "id": "CVE-2022-22186", "lastModified": "2024-11-21T06:46:20.870", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 2.7, "source": "sirt@juniper.net", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 2.5, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-04-14T16:15:07.987", "references": [{"source": "sirt@juniper.net", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://kb.juniper.net/JSA69494"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://kb.juniper.net/JSA69494"}], "sourceIdentifier": "sirt@juniper.net", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-665"}], "source": "sirt@juniper.net", "type": "Secondary"}]}

{}

{}