CVE-2022-22251
cSRX Series: Storing Passwords in a Recoverable Format and software permissions issues allows a local attacker to elevate privileges
Public Exploits: 0
Exploited in Wild: -
Descriptions
On cSRX Series devices, software permission issues in the container filesystem and stored files, combined with storing passwords in a recoverable format in Juniper Networks Junos OS, allow a local, low-privileged attacker to elevate their permissions to take control of any instance of a cSRX software deployment. This issue affects Juniper Networks Junos OS 20.2 version 20.2R1 and later versions prior to 21.2R1 on cSRX Series.
SSVC
- Decision: -
Timeline
- 2021-12-21 CVE Reserved
- 2022-10-18 CVE Published
- 2023-03-08 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-257: Storing Passwords in a Recoverable Format
- CWE-275: Permission Issues
- CWE-522: Insufficiently Protected Credentials
References (1)
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status
---|---|---|---|---
Juniper | Junos | >= 20.2 < 21.2 | - | Affected
in Juniper | Csrx | - | - | Safe