CVE-2022-22198

An Access of Uninitialized Pointer vulnerability in the SIP ALG of Juniper Networks Junos OS allows an unauthenticated network-based attacker to cause a Denial of Service (DoS). Continued receipt of these specific packets will cause a sustained Denial of Service condition. On all MX and SRX platforms, if the SIP ALG is enabled, an MS-MPC or MS-MIC, or SPC will crash if it receives a SIP message with a specific contact header format. This issue affects Juniper Networks Junos OS on MX Series and SRX Series: 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2-S1, 21.1R3; 21.2 versions prior to 21.2R2. This issue does not affect versions prior to 20.4R1.

An Access of Uninitialized Pointer vulnerability in the SIP ALG of Juniper Networks Junos OS allows an unauthenticated network-based attacker to cause a Denial of Service (DoS). Continued receipt of these specific packets will cause a sustained Denial of Service condition. On all MX and SRX platforms, if the SIP ALG is enabled, an MS-MPC or MS-MIC, or SPC will crash if it receives a SIP message with a specific contact header format. This issue affects Juniper Networks Junos OS on MX Series and SRX Series: 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2-S1, 21.1R3; 21.2 versions prior to 21.2R2. This issue does not affect versions prior to 20.4R1.

Una vulnerabilidad de Acceso de Puntero no Inicializado en la SIP ALG de Juniper Networks Junos OS permite a un atacante no autenticado basado en la red causar una Denegación de Servicio (DoS). La recepción continuada de estos paquetes específicos causará una condición de denegación de servicio sostenida. En todas las plataformas MX y SRX, si la ALG de SIP está habilitada, un MS-MPC o MS-MIC, o SPC será bloqueado si recibe un mensaje SIP con un formato de encabezado de contacto específico. Este problema afecta a Juniper Networks Junos OS en las series MX y SRX: versiones 20.4 anteriores a 20.4R3; versiones 21.1 anteriores a 21.1R2-S1, 21.1R3; versiones 21.2 anteriores a 21.2R2. Este problema no afecta a versiones anteriores a 20.4R1