CVE-2022-22215

CVSS V2 None CVSS V3 Medium 5.5

Description

A Missing Release of File Descriptor or Handle after Effective Lifetime vulnerability in plugable authentication module (PAM) of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause a Denial of Service (DoS). It is possible that after the termination of a gRPC connection the respective/var/run/<pid>.env file is not getting deleted which if occurring repeatedly can cause inode exhaustion. Inode exhaustion can present itself in two different ways: 1. The following log message can be observed: host kernel: pid <pid> (<process>), uid <uid> inumber <number> on /.mount/var: out of inodes which by itself is a clear indication. 2. The following log message can be observed: host <process>[<pid>]: ... : No space left on device which is not deterministic and just a representation of a write error which could have several reasons. So the following check needs to be done: user@host> show system storage no-forwarding Filesystem Size Used Avail Capacity Mounted on /dev/ada1p1 475M 300M 137M 69% /.mount/var which indicates that the write error is not actually due to a lack of disk space. If either 1. or 2. has been confirmed, then the output of: user@host> file list /var/run/*.env | count need to be checked and if it indicates a high (>10000) number of files the system has been affected by this issue. This issue affects: Juniper Networks Junos OS All versions prior to 19.1R3-S8; 19.2 versions prior to 19.2R3-S6; 19.3 versions prior to 19.3R3-S5; 19.4 versions prior to 19.4R2-S6, 19.4R3-S7; 20.1 version 20.1R1 and later versions; 20.2 versions prior to 20.2R3-S5; 20.3 versions prior to 20.3R3-S4; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R2. Juniper Networks Junos OS Evolved All versions prior to 20.4R3-EVO; 21.1 versions prior to 21.1R3-S1-EVO; 21.2 versions prior to 21.2R1-S1-EVO, 21.2R2-EVO.

Overview

CVE ID
CVE-2022-22215

Assigner
sirt@juniper.net

Vulnerability Status
Analyzed

Published Version
2022-07-20T15:15:08

Last Modified Date
2022-07-29T22:58:03

Weakness Enumerations

CWE	URL
CWE-772	http://cwe.mitre.org/data/definitions/772.html

CPE Configuration (Product)

CPE	Vulnerable	Operator	Version End
cpe:2.3:o:juniper:junos::::::::	1	OR	19.1
cpe:2.3:o:juniper:junos:19.1:-::::::	1	OR
cpe:2.3:o:juniper:junos:19.1:r1::::::	1	OR
cpe:2.3:o:juniper:junos:19.1:r1-s1::::::	1	OR
cpe:2.3:o:juniper:junos:19.1:r1-s2::::::	1	OR
cpe:2.3:o:juniper:junos:19.1:r1-s3::::::	1	OR
cpe:2.3:o:juniper:junos:19.1:r1-s4::::::	1	OR
cpe:2.3:o:juniper:junos:19.1:r1-s5::::::	1	OR
cpe:2.3:o:juniper:junos:19.1:r1-s6::::::	1	OR
cpe:2.3:o:juniper:junos:19.1:r2::::::	1	OR
cpe:2.3:o:juniper:junos:19.1:r2-s1::::::	1	OR
cpe:2.3:o:juniper:junos:19.1:r2-s2::::::	1	OR
cpe:2.3:o:juniper:junos:19.1:r2-s3::::::	1	OR
cpe:2.3:o:juniper:junos:19.1:r3::::::	1	OR
cpe:2.3:o:juniper:junos:19.1:r3-s1::::::	1	OR
cpe:2.3:o:juniper:junos:19.1:r3-s2::::::	1	OR
cpe:2.3:o:juniper:junos:19.1:r3-s3::::::	1	OR
cpe:2.3:o:juniper:junos:19.1:r3-s4::::::	1	OR
cpe:2.3:o:juniper:junos:19.1:r3-s5::::::	1	OR
cpe:2.3:o:juniper:junos:19.1:r3-s6::::::	1	OR
cpe:2.3:o:juniper:junos:19.1:r3-s7::::::	1	OR
cpe:2.3:o:juniper:junos:19.2:-::::::	1	OR
cpe:2.3:o:juniper:junos:19.2:r1::::::	1	OR
cpe:2.3:o:juniper:junos:19.2:r1-s1::::::	1	OR
cpe:2.3:o:juniper:junos:19.2:r1-s2::::::	1	OR
cpe:2.3:o:juniper:junos:19.2:r1-s3::::::	1	OR
cpe:2.3:o:juniper:junos:19.2:r1-s4::::::	1	OR
cpe:2.3:o:juniper:junos:19.2:r1-s5::::::	1	OR
cpe:2.3:o:juniper:junos:19.2:r1-s6::::::	1	OR
cpe:2.3:o:juniper:junos:19.2:r1-s7::::::	1	OR
cpe:2.3:o:juniper:junos:19.2:r1-s8::::::	1	OR
cpe:2.3:o:juniper:junos:19.2:r1-s9::::::	1	OR
cpe:2.3:o:juniper:junos:19.2:r2::::::	1	OR
cpe:2.3:o:juniper:junos:19.2:r2-s1::::::	1	OR
cpe:2.3:o:juniper:junos:19.2:r3::::::	1	OR
cpe:2.3:o:juniper:junos:19.2:r3-s1::::::	1	OR
cpe:2.3:o:juniper:junos:19.2:r3-s2::::::	1	OR
cpe:2.3:o:juniper:junos:19.2:r3-s3::::::	1	OR
cpe:2.3:o:juniper:junos:19.2:r3-s4::::::	1	OR
cpe:2.3:o:juniper:junos:19.2:r3-s5::::::	1	OR
cpe:2.3:o:juniper:junos:19.3:-::::::	1	OR
cpe:2.3:o:juniper:junos:19.3:r1::::::	1	OR
cpe:2.3:o:juniper:junos:19.3:r1-s1::::::	1	OR
cpe:2.3:o:juniper:junos:19.3:r2::::::	1	OR
cpe:2.3:o:juniper:junos:19.3:r2-s1::::::	1	OR
cpe:2.3:o:juniper:junos:19.3:r2-s2::::::	1	OR
cpe:2.3:o:juniper:junos:19.3:r2-s3::::::	1	OR
cpe:2.3:o:juniper:junos:19.3:r2-s4::::::	1	OR
cpe:2.3:o:juniper:junos:19.3:r2-s5::::::	1	OR
cpe:2.3:o:juniper:junos:19.3:r2-s6::::::	1	OR
cpe:2.3:o:juniper:junos:19.3:r3::::::	1	OR
cpe:2.3:o:juniper:junos:19.3:r3-s1::::::	1	OR
cpe:2.3:o:juniper:junos:19.3:r3-s2::::::	1	OR
cpe:2.3:o:juniper:junos:19.3:r3-s3::::::	1	OR
cpe:2.3:o:juniper:junos:19.3:r3-s4::::::	1	OR
cpe:2.3:o:juniper:junos:19.4:-::::::	1	OR
cpe:2.3:o:juniper:junos:19.4:r1::::::	1	OR
cpe:2.3:o:juniper:junos:19.4:r1-s1::::::	1	OR
cpe:2.3:o:juniper:junos:19.4:r1-s2::::::	1	OR
cpe:2.3:o:juniper:junos:19.4:r1-s3::::::	1	OR
cpe:2.3:o:juniper:junos:19.4:r1-s4::::::	1	OR
cpe:2.3:o:juniper:junos:19.4:r2::::::	1	OR
cpe:2.3:o:juniper:junos:19.4:r2-s1::::::	1	OR
cpe:2.3:o:juniper:junos:19.4:r2-s2::::::	1	OR
cpe:2.3:o:juniper:junos:19.4:r2-s3::::::	1	OR
cpe:2.3:o:juniper:junos:19.4:r2-s4::::::	1	OR
cpe:2.3:o:juniper:junos:19.4:r2-s5::::::	1	OR
cpe:2.3:o:juniper:junos:19.4:r3::::::	1	OR
cpe:2.3:o:juniper:junos:19.4:r3-s1::::::	1	OR
cpe:2.3:o:juniper:junos:19.4:r3-s2::::::	1	OR
cpe:2.3:o:juniper:junos:19.4:r3-s3::::::	1	OR
cpe:2.3:o:juniper:junos:19.4:r3-s4::::::	1	OR
cpe:2.3:o:juniper:junos:19.4:r3-s5::::::	1	OR
cpe:2.3:o:juniper:junos:19.4:r3-s6::::::	1	OR
cpe:2.3:o:juniper:junos:20.1:r1::::::	1	OR
cpe:2.3:o:juniper:junos:20.1:r1-s1::::::	1	OR
cpe:2.3:o:juniper:junos:20.1:r1-s2::::::	1	OR
cpe:2.3:o:juniper:junos:20.1:r1-s3::::::	1	OR
cpe:2.3:o:juniper:junos:20.1:r1-s4::::::	1	OR
cpe:2.3:o:juniper:junos:20.1:r2::::::	1	OR
cpe:2.3:o:juniper:junos:20.1:r2-s1::::::	1	OR
cpe:2.3:o:juniper:junos:20.1:r2-s2::::::	1	OR
cpe:2.3:o:juniper:junos:20.1:r3::::::	1	OR
cpe:2.3:o:juniper:junos:20.1:r3-s1::::::	1	OR
cpe:2.3:o:juniper:junos:20.1:r3-s2::::::	1	OR
cpe:2.3:o:juniper:junos:20.1:r3-s3::::::	1	OR
cpe:2.3:o:juniper:junos:20.2:-::::::	1	OR
cpe:2.3:o:juniper:junos:20.2:r1::::::	1	OR
cpe:2.3:o:juniper:junos:20.2:r1-s1::::::	1	OR
cpe:2.3:o:juniper:junos:20.2:r1-s2::::::	1	OR
cpe:2.3:o:juniper:junos:20.2:r1-s3::::::	1	OR
cpe:2.3:o:juniper:junos:20.2:r2::::::	1	OR
cpe:2.3:o:juniper:junos:20.2:r2-s1::::::	1	OR
cpe:2.3:o:juniper:junos:20.2:r2-s2::::::	1	OR
cpe:2.3:o:juniper:junos:20.2:r2-s3::::::	1	OR
cpe:2.3:o:juniper:junos:20.2:r3::::::	1	OR
cpe:2.3:o:juniper:junos:20.2:r3-s1::::::	1	OR
cpe:2.3:o:juniper:junos:20.2:r3-s2::::::	1	OR
cpe:2.3:o:juniper:junos:20.2:r3-s3::::::	1	OR
cpe:2.3:o:juniper:junos:20.2:r3-s4::::::	1	OR
cpe:2.3:o:juniper:junos:20.3:-::::::	1	OR
cpe:2.3:o:juniper:junos:20.3:r1::::::	1	OR
cpe:2.3:o:juniper:junos:20.3:r1-s1::::::	1	OR
cpe:2.3:o:juniper:junos:20.3:r1-s2::::::	1	OR
cpe:2.3:o:juniper:junos:20.3:r2::::::	1	OR
cpe:2.3:o:juniper:junos:20.3:r2-s1::::::	1	OR
cpe:2.3:o:juniper:junos:20.3:r3::::::	1	OR
cpe:2.3:o:juniper:junos:20.3:r3-s1::::::	1	OR
cpe:2.3:o:juniper:junos:20.3:r3-s2::::::	1	OR
cpe:2.3:o:juniper:junos:20.3:r3-s3::::::	1	OR
cpe:2.3:o:juniper:junos:20.4:-::::::	1	OR
cpe:2.3:o:juniper:junos:20.4:r1::::::	1	OR
cpe:2.3:o:juniper:junos:20.4:r1-s1::::::	1	OR
cpe:2.3:o:juniper:junos:20.4:r2::::::	1	OR
cpe:2.3:o:juniper:junos:20.4:r2-s1::::::	1	OR
cpe:2.3:o:juniper:junos:20.4:r2-s2::::::	1	OR
cpe:2.3:o:juniper:junos:21.1:-::::::	1	OR
cpe:2.3:o:juniper:junos:21.1:r1::::::	1	OR
cpe:2.3:o:juniper:junos:21.1:r1-s1::::::	1	OR
cpe:2.3:o:juniper:junos:21.1:r2::::::	1	OR
cpe:2.3:o:juniper:junos:21.1:r2-s1::::::	1	OR
cpe:2.3:o:juniper:junos:21.1:r2-s2::::::	1	OR
cpe:2.3:o:juniper:junos:21.2:-::::::	1	OR
cpe:2.3:o:juniper:junos:21.2:r1::::::	1	OR
cpe:2.3:o:juniper:junos:21.2:r1-s1::::::	1	OR
cpe:2.3:o:juniper:junos:21.2:r1-s2::::::	1	OR
cpe:2.3:o:juniper:junos_os_evolved::::::::	1	OR	20.4
cpe:2.3:o:juniper:junos_os_evolved:20.4:-::::::	1	OR
cpe:2.3:o:juniper:junos_os_evolved:20.4:r1::::::	1	OR
cpe:2.3:o:juniper:junos_os_evolved:20.4:r1-s1::::::	1	OR
cpe:2.3:o:juniper:junos_os_evolved:20.4:r1-s2::::::	1	OR
cpe:2.3:o:juniper:junos_os_evolved:20.4:r2::::::	1	OR
cpe:2.3:o:juniper:junos_os_evolved:20.4:r2-s1::::::	1	OR
cpe:2.3:o:juniper:junos_os_evolved:20.4:r2-s2::::::	1	OR
cpe:2.3:o:juniper:junos_os_evolved:20.4:r2-s3::::::	1	OR
cpe:2.3:o:juniper:junos_os_evolved:21.1:-::::::	1	OR
cpe:2.3:o:juniper:junos_os_evolved:21.1:r1::::::	1	OR
cpe:2.3:o:juniper:junos_os_evolved:21.1:r1-s1::::::	1	OR
cpe:2.3:o:juniper:junos_os_evolved:21.1:r2::::::	1	OR
cpe:2.3:o:juniper:junos_os_evolved:21.1:r3::::::	1	OR
cpe:2.3:o:juniper:junos_os_evolved:21.2:-::::::	1	OR
cpe:2.3:o:juniper:junos_os_evolved:21.2:r1::::::	1	OR

CVSS Version 3

Version
3.1

Vector String
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Attack Vector
LOCAL

Attack Compatibility
LOW

Privileges Required
LOW

User Interaction
NONE

Scope
UNCHANGED

Confidentiality Impact
NONE

Availability Impact
HIGH

Base Score
5.5

Base Severity
MEDIUM

Exploitability Score
1.8

Impact Score
3.6

References

Reference URL	Reference Tags
https://kb.juniper.net/JSA69719

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2022-22215
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22215

History

Created	Old Value	New Value	Data Type	Notes
2022-07-20 16:00:27				Added to TrackCVE