CVE-2022-22189

Contrail Service Orchestration: An authenticated local user may have their permissions elevated via the device via management interface without authentication

Severity Score

7.8

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

An Incorrect Ownership Assignment vulnerability in Juniper Networks Contrail Service Orchestration (CSO) allows a locally authenticated user to have their permissions elevated without authentication thereby taking control of the local system they are currently authenticated to. This issue affects: Juniper Networks Contrail Service Orchestration 6.0.0 versions prior to 6.0.0 Patch v3 on On-premises installations. This issue does not affect Juniper Networks Contrail Service Orchestration On-premises versions prior to 6.0.0.

Una vulnerabilidad de Asignación de Propiedad Incorrecta en Juniper Networks Contrail Service Orchestration (CSO) permite que un usuario autenticado localmente tenga sus permisos elevados sin autenticación, tomando así el control del sistema local en el que está autenticado. Este problema afecta a: Juniper Networks Contrail Service Orchestration versiones 6.0.0 anteriores a 6.0.0 Patch v3 en instalaciones locales. Este problema no afecta a las versiones locales de Juniper Networks Contrail Service Orchestration anteriores a 6.0.0

*Credits: N/A

CVSS Scores

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2021-12-21 CVE Reserved
2022-04-14 CVE Published
2023-11-05 EPSS Updated
2024-09-16 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-288: Authentication Bypass Using an Alternate Path or Channel
CWE-708: Incorrect Ownership Assignment

CAPEC

References (0)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Juniper Search vendor "Juniper"		Contrail Service Orchestration Search vendor "Juniper" for product "Contrail Service Orchestration"				6.0.0 Search vendor "Juniper" for product "Contrail Service Orchestration" and version "6.0.0"		-		Affected
Juniper Search vendor "Juniper"		Contrail Service Orchestration Search vendor "Juniper" for product "Contrail Service Orchestration"				6.0.0 Search vendor "Juniper" for product "Contrail Service Orchestration" and version "6.0.0"		patch1		Affected
Juniper Search vendor "Juniper"		Contrail Service Orchestration Search vendor "Juniper" for product "Contrail Service Orchestration"				6.0.0 Search vendor "Juniper" for product "Contrail Service Orchestration" and version "6.0.0"		patch2		Affected