How severe is CVE-2022-22160?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.5 out of 10.

What type of vulnerability is CVE-2022-22160?

This is classified as CWE-391, which is a common weakness in software security.

CVE-2022-22160 - MEDIUM Severity | CVSS 6.5

Vulnerability Description

An Unchecked Error Condition vulnerability in the subscriber management daemon (smgd) of Juniper Networks Junos OS allows an unauthenticated adjacent attacker to cause a crash of and thereby a Denial of Service (DoS). In a subscriber management / broadband edge environment if a single session group configuration contains dual-stack and a pp0 interface, smgd will crash and restart every time a PPPoE client sends a specific message. This issue affects Juniper Networks Junos OS on MX Series: 16.1 version 16.1R1 and later versions prior to 18.4R3-S10; 19.1 versions prior to 19.1R2-S3, 19.1R3-S7; 19.2 versions prior to 19.2R1-S8, 19.2R3-S4; 19.3 versions prior to 19.3R3-S4; 19.4 versions prior to 19.4R3-S5; 20.1 versions prior to 20.1R3-S3; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S2; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R2. This issue does not affect Juniper Networks Junos OS versions prior to 16.1R1.

Related Vulnerabilities

CVE-2020-14383

MEDIUM

CVSS:6.5(Medium)

A flaw was found in samba's DNS server. An authenticated user could use this flaw to the RPC server to crash. This RPC server, which also serves protocols other than dnsserver, will be restarted after...

CWE-3912020

CVE-2022-20849

MEDIUM

CVSS:6.1(Medium)

A vulnerability in the Broadband Network Gateway PPP over Ethernet (PPPoE) feature of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause the PPPoE process to continu...

CWE-3912022

CVE-2017-7496

HIGH

CVSS:7.0(High)

fedora-arm-installer up to and including 1.99.16 is vulnerable to local privilege escalation due to lack of checking the error condition of mount operation failure on unsafely created temporary direct...

CWE-3912017

CVE-2018-1091

MEDIUM

CVSS:5.5(Medium)

In the flush_tmregs_to_thread function in arch/powerpc/kernel/ptrace.c in the Linux kernel before 4.13.5, a guest kernel crash can be triggered from unprivileged userspace during a core dump on a POWE...

CWE-3912018

CVE-2023-0572

MEDIUM

CVSS:5.3(Medium)

Unchecked Error Condition in GitHub repository froxlor/froxlor prior to 2.0.10.

CWE-3912023

CVE-2023-32871

MEDIUM

CVSS:5.3(Medium)

In DA, there is a possible permission bypass due to an incorrect status check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not ...

CWE-3912023