CVE-2022-22162
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Summary
A Generation of Error Message Containing Sensitive Information vulnerability in the CLI of Juniper Networks Junos OS allows a locally authenticated attacker with low privileges to elevate these to the level of any other user logged in via J-Web at this time, potential leading to a full compromise of the device. This issue affects Juniper Networks Junos OS: All versions prior to 15.1R7-S11; 18.3 versions prior to 18.3R3-S6; 18.4 versions prior to 18.4R2-S9, 18.4R3-S10; 19.1 versions prior to 19.1R2-S3, 19.1R3-S7; 19.2 versions prior to 19.2R1-S8, 19.2R3-S4; 19.3 versions prior to 19.3R3-S4; 19.4 versions prior to 19.4R3-S6; 20.1 versions prior to 20.1R3-S2; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R3-S1; 21.1 versions prior to 21.1R2-S1, 21.1R3; 21.2 versions prior to 21.2R1-S1, 21.2R2.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Juniper Networks | Junos OS | unspecified < 15.1R7-S11 | affected |
| Juniper Networks | Junos OS | 18.3 < 18.3R3-S6 | affected |
| Juniper Networks | Junos OS | 18.4 < 18.4R2-S9, 18.4R3-S10 | affected |
| Juniper Networks | Junos OS | 19.1 < 19.1R2-S3, 19.1R3-S7 | affected |
| Juniper Networks | Junos OS | 19.2 < 19.2R1-S8, 19.2R3-S4 | affected |
| Juniper Networks | Junos OS | 19.3 < 19.3R3-S4 | affected |
| Juniper Networks | Junos OS | 19.4 < 19.4R3-S6 | affected |
| Juniper Networks | Junos OS | 20.1 < 20.1R3-S2 | affected |
| Juniper Networks | Junos OS | 20.2 < 20.2R3-S3 | affected |
| Juniper Networks | Junos OS | 20.3 < 20.3R3-S1 | affected |
| Juniper Networks | Junos OS | 20.4 < 20.4R3-S1 | affected |
| Juniper Networks | Junos OS | 21.1 < 21.1R2-S1, 21.1R3 | affected |
| Juniper Networks | Junos OS | 21.2 < 21.2R1-S1, 21.2R2 | affected |
Weaknesses
- CWE-209: CWE-209 Information Exposure Through an Error Message
- Privilege Escalation
Workarounds
There are no viable workarounds for this issue other than disabling J-Web.
To reduce the risk of exploitation of this issue, use access lists or firewall filters to limit access to only trusted administrative networks, hosts and users.
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.