CVE-2022-22235 An improper check in the Packet Forwarding Engine of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause Denial of Service.

SRX Series: 1706 versions prior to 1706-D100; 1709 versions prior to 1709-D100; 1710 versions prior to 1710-D100; 1803 versions prior to 1803-D100; 1812 versions prior to 1812-D100; 1815 versions prior to 1815-D100; 1820 versions prior to 1820-D100; 1821 versions prior to 1821-D100; 1822 versions prior to 1822-D100; 1831 versions prior to 1831-D100; 1833 versions prior to 1833-D100; 1835 versions prior to 1835-D100; 1839 versions prior to 1839-D100; 1841 versions prior to 1841-D100; 1844 versions prior to 1844-D100; 1846 versions prior to 1846-D100; 1848 versions prior to 1848-D100; 1849 versions prior to 1849-D100; 1853 versions prior to 1853-D100; 1858 versions prior to 1858-D100; 1859 versions prior to 1859-D100; 1863 versions prior to 1863-D100; 1866 versions prior to 1866-D100; 1873 versions prior to 1873-D100; 1874 versions prior to 1874-D100; 1885 versions prior to 1885-D100; 1887 versions prior to 1887-D100; 18

Quickstart: Get help with SRX Service and Support

Cisco has created the SRX Service and Support portal for customers and partners to quickly find the solutions they need. You can access the portal by clicking on this link: https://support4srx.cisco.com/

Resources

The Cisco bug ID CVE-2022-22235 can cause the following symptoms on an SRX Series:
a. Routing protocols may not function properly due to a memory leak or memory exhaustion issue.
b. Any of the following could occur:
· An interface is stopped, inactive, or becomes inoperative due to loss of IPv6 connectivity
· The system becomes unresponsive and does not respond to key commands
· The system becomes unresponsive and does not respond to packet forwarding requests
c. The system becomes unresponsive and does not respond to management traffic; you cannot enter privileged mode

Security Measures Taken

The SRX Series of products are not vulnerable to the CVE-2022-22235 vulnerability.

Note: 1815 and 1821 are beta releases

The SRX Series is a family of Cisco products that consists of routers, firewalls, and VPN appliances.

The SRX Series integrates security features with high-performance network routing capabilities to provide comprehensive protection of data in the enterprise and WAN.

SRX 1822-D100 has an undocumented bug that can allow a remote attacker to bypass authentication on the device. This bug was not recognized by external researchers until May 20th, 2019 when it was disclosed to Cisco.

Timeline

Published on: 10/18/2022 03:15:00 UTC

References

• https://kb.juniper.net/JSA69891
• https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-22235