// For flags

CVE-2022-22251

cSRX Series: Storing Passwords in a Recoverable Format and software permissions issues allows a local attacker to elevate privileges

Severity Score

7.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

On cSRX Series devices software permission issues in the container filesystem and stored files combined with storing passwords in a recoverable format in Juniper Networks Junos OS allows a local, low-privileged attacker to elevate their permissions to take control of any instance of a cSRX software deployment. This issue affects Juniper Networks Junos OS 20.2 version 20.2R1 and later versions prior to 21.2R1 on cSRX Series.

En los dispositivos cSRX Series, los problemas de permisos de software en el sistema de archivos del contenedor y los archivos almacenados, combinados con el almacenamiento de contraseñas en un formato recuperable en Junos OS de Juniper Networks, permiten a un atacante local poco privilegiado elevar sus permisos para tomar el control de cualquier instancia de una implementación de software cSRX. Este problema afecta a Juniper Networks Junos OS 20.2 versión 20.2R1 y versiones posteriores anteriores a 21.2R1 en cSRX Series

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2021-12-21 CVE Reserved
  • 2022-10-18 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-09-16 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-257: Storing Passwords in a Recoverable Format
  • CWE-275: Permission Issues
  • CWE-522: Insufficiently Protected Credentials
CAPEC
References (1)
URL Tag Source
URL Date SRC
URL Date SRC
URL Date SRC
https://kb.juniper.net/JSA69908 2022-10-21
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Juniper
Search vendor "Juniper"
 Junos
Search vendor "Juniper" for product "Junos"
 >= 20.2 < 21.2
Search vendor "Juniper" for product "Junos" and version " >= 20.2 < 21.2"
-
Affected
in Juniper
Search vendor "Juniper"
 Csrx
Search vendor "Juniper" for product "Csrx"
--
Safe