CVE-2022-22162

Summary

A Generation of Error Message Containing Sensitive Information vulnerability in the CLI of Juniper Networks Junos OS allows a locally authenticated attacker with low privileges to elevate these to the level of any other user logged in via J-Web at this time, potential leading to a full compromise of the device. This issue affects Juniper Networks Junos OS: All versions prior to 15.1R7-S11; 18.3 versions prior to 18.3R3-S6; 18.4 versions prior to 18.4R2-S9, 18.4R3-S10; 19.1 versions prior to 19.1R2-S3, 19.1R3-S7; 19.2 versions prior to 19.2R1-S8, 19.2R3-S4; 19.3 versions prior to 19.3R3-S4; 19.4 versions prior to 19.4R3-S6; 20.1 versions prior to 20.1R3-S2; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R3-S1; 21.1 versions prior to 21.1R2-S1, 21.1R3; 21.2 versions prior to 21.2R1-S1, 21.2R2.

Affected Software

VendorProductVersion RangeStatus
Juniper NetworksJunos OSunspecified < 15.1R7-S11affected
Juniper NetworksJunos OS18.3 < 18.3R3-S6affected
Juniper NetworksJunos OS18.4 < 18.4R2-S9, 18.4R3-S10affected
Juniper NetworksJunos OS19.1 < 19.1R2-S3, 19.1R3-S7affected
Juniper NetworksJunos OS19.2 < 19.2R1-S8, 19.2R3-S4affected
Juniper NetworksJunos OS19.3 < 19.3R3-S4affected
Juniper NetworksJunos OS19.4 < 19.4R3-S6affected
Juniper NetworksJunos OS20.1 < 20.1R3-S2affected
Juniper NetworksJunos OS20.2 < 20.2R3-S3affected
Juniper NetworksJunos OS20.3 < 20.3R3-S1affected
Juniper NetworksJunos OS20.4 < 20.4R3-S1affected
Juniper NetworksJunos OS21.1 < 21.1R2-S1, 21.1R3affected
Juniper NetworksJunos OS21.2 < 21.2R1-S1, 21.2R2affected

Weaknesses

  • CWE-209: CWE-209 Information Exposure Through an Error Message
  • Privilege Escalation

Workarounds

There are no viable workarounds for this issue other than disabling J-Web.

To reduce the risk of exploitation of this issue, use access lists or firewall filters to limit access to only trusted administrative networks, hosts and users.

ADP Enrichment

CVE Program Container

Additional References

References