CVE-2022-22251 — Storing Passwords in a Recoverable Format in Networks Junos OS

CWE-257 — Storing Passwords in a Recoverable Format CWE-275 CWE-522 — Insufficiently Protected Credentials4 documents4 sources

Severity

7.8HIGHNVD

EPSS

0.1%

top 78.21%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Juniper Networks Junos OS Juniper Junos

Timeline

PublishedOct 18

Description

On cSRX Series devices software permission issues in the container filesystem and stored files combined with storing passwords in a recoverable format in Juniper Networks Junos OS allows a local, low-privileged attacker to elevate their permissions to take control of any instance of a cSRX software deployment. This issue affects Juniper Networks Junos OS 20.2 version 20.2R1 and later versions prior to 21.2R1 on cSRX Series.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

▶CVEListV5juniper_networks/junos_os20.2R1 — 20.2*+3

▶NVDjuniper/junos20.2 — 21.2

🔴Vulnerability Details

CVEList

cSRX Series: Storing Passwords in a Recoverable Format and software permissions issues allows a local attacker to elevate privileges↗2022-10-18

▶

GHSA

GHSA-hrjj-p4r3-74mg: On cSRX Series devices software permission issues in the container filesystem and stored files combined with storing passwords in a recoverable format↗2022-10-18

▶

📋Vendor Advisories

Juniper

CVE-2022-22251: On cSRX Series devices software permission issues in the container filesystem and stored files combined with storing passwords in a recoverable format↗2022-10-18

▶