On cSRX Series devices software permission issues in the container filesystem and stored files combined with storing passwords in a recoverable format in Juniper Networks Junos OS allows a local, low-privileged attacker to elevate their permissions to take control of any instance of a cSRX software deployment. This issue affects Juniper Networks Junos OS 20.2 version 20.2R1 and later versions prior to 21.2R1 on cSRX Series.
References
Link | Resource |
---|---|
https://kb.juniper.net/JSA69908 | Mitigation Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: juniper
Published: 2022-10-12T00:00:00
Updated: 2022-10-18T00:00:00
Reserved: 2021-12-21T00:00:00
Link: CVE-2022-22251
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-10-18T03:15:11.657
Modified: 2022-10-21T17:08:01.547
Link: CVE-2022-22251
JSON object: View
Redhat Information
No data.