Main Vulnerability Database SB2022011704

SB2022011704 - Denial of service in Junos Fusion

Published: January 17, 2022

Security Bulletin ID SB2022011704

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Physical access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) External Control of Critical State Data (CVE-ID: CVE-2022-22154)

The vulnerability allows an attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insecure validation in the Junos Fusion setup of the satellite device. An attacker with physical access to device can make physical changes to the cabling of the device to cause a denial of service (DoS).

Remediation

Install update from vendor's website.

References

https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11262&cat=SIRT_1&actp=LIST