A Buffer Overflow vulnerability in SIP ALG of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). On all MX Series and SRX Series platform with SIP ALG enabled, when a malformed SIP packet is received, the flow processing daemon (flowd) will crash and restart. This issue affects: Juniper Networks Junos OS on MX Series and SRX Series 20.4 versions prior to 20.4R3-S5; 21.1 versions prior to 21.1R3-S4; 21.2 versions prior to 21.2R3-S2; 21.3 versions prior to 21.3R3-S1; 21.4 versions prior to 21.4R3; 22.1 versions prior to 22.1R1-S2, 22.1R2; 22.2 versions prior to 22.2R1-S1, 22.2R2. This issue does not affect Juniper Networks Junos OS versions prior to 20.4R1 on SRX Series.
Attack Vector Network
Attack Complexity Low
Privileges Required None
Scope Unchanged
Confidentiality Impact None
Integrity Impact None
Availability Impact High
User Interaction None
No CVSS v3.0
No CVSS v2
Vendors | Products |
---|---|
Juniper |
|
Configuration 1 [-]
AND |
|
References
Link | Resource |
---|---|
https://kb.juniper.net/JSA70212 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: juniper
Published: 2023-01-12T00:00:00
Updated: 2023-01-12T00:00:00
Reserved: 2022-12-27T00:00:00
Link: CVE-2023-22416
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-01-13T00:15:11.753
Modified: 2023-01-20T15:35:50.597
Link: CVE-2023-22416
JSON object: View
Redhat Information
No data.
CWE