On cSRX Series devices software permission issues in the container filesystem and stored files combined with storing passwords in a recoverable format in Juniper Networks Junos OS allows a local, low-privileged attacker to elevate their permissions to take control of any instance of a cSRX software deployment. This issue affects Juniper Networks Junos OS 20.2 version 20.2R1 and later versions prior to 21.2R1 on cSRX Series.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://kb.juniper.net/JSA69908 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: juniper
Published: 2022-10-18T02:46:54.129749Z
Updated: 2024-09-16T16:48:02.545Z
Reserved: 2021-12-21T00:00:00
Link: CVE-2022-22251
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-10-18T03:15:11.657
Modified: 2024-11-21T06:46:29.557
Link: CVE-2022-22251
Redhat
No data.