PT-2022-15286 · Juniper Networks · Junos
Published: 2022-04-14 · Updated: 2022-04-21 · CVE-2022-22188
CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Juniper Networks Junos OS versions 20.2R1 through 20.2R2
Description
An Uncontrolled Memory Allocation vulnerability leading to a Heap-based Buffer Overflow in the packet forwarding engine (PFE) of Juniper Networks Junos OS allows a network-based unauthenticated attacker to cause a Denial of Service (DoS) by flooding the device with traffic. A device is vulnerable to this issue only if it is configured with storm control profiling that limits the amount of unknown broadcast, multicast, or unicast traffic.
Recommendations
For Juniper Networks Junos OS version 20.2R1, update to version 20.2R2 or later to resolve the issue.
For versions prior to 20.2R2, consider disabling storm control profiling as a temporary workaround to minimize the risk of exploitation.
Exploit
Fix
DoS
Heap Based Buffer Overflow
Related Identifiers
Affected Products
Junos