Lucene search
HistoryJan 19, 2022 - 1:15 a.m.
CVE-2022-22162
vulnerability
juniper networks
junos os
authentication
j-web
device compromise
security
cve-2022-22162
nvd
6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.4 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
12.7%
A Generation of Error Message Containing Sensitive Information vulnerability in the CLI of Juniper Networks Junos OS allows a locally authenticated attacker with low privileges to elevate these to the level of any other user logged in via J-Web at this time, potential leading to a full compromise of the device. This issue affects Juniper Networks Junos OS: All versions prior to 15.1R7-S11; 18.3 versions prior to 18.3R3-S6; 18.4 versions prior to 18.4R2-S9, 18.4R3-S10; 19.1 versions prior to 19.1R2-S3, 19.1R3-S7; 19.2 versions prior to 19.2R1-S8, 19.2R3-S4; 19.3 versions prior to 19.3R3-S4; 19.4 versions prior to 19.4R3-S6; 20.1 versions prior to 20.1R3-S2; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R3-S1; 21.1 versions prior to 21.1R2-S1, 21.1R3; 21.2 versions prior to 21.2R1-S1, 21.2R2.
Affected configurations
Node
juniperjunosRange<15.1
ORjuniperjunosMatch15.1-
ORjuniperjunosMatch15.1a1
ORjuniperjunosMatch15.1f
ORjuniperjunosMatch15.1f1
ORjuniperjunosMatch15.1f2
ORjuniperjunosMatch15.1f2-s1
ORjuniperjunosMatch15.1f2-s2
ORjuniperjunosMatch15.1f2-s3
ORjuniperjunosMatch15.1f2-s4
ORjuniperjunosMatch15.1f3
ORjuniperjunosMatch15.1f4
ORjuniperjunosMatch15.1f5
ORjuniperjunosMatch15.1f5-s7
ORjuniperjunosMatch15.1f6
ORjuniperjunosMatch15.1f6-s1
ORjuniperjunosMatch15.1f6-s10
ORjuniperjunosMatch15.1f6-s12
ORjuniperjunosMatch15.1f6-s2
ORjuniperjunosMatch15.1f6-s3
ORjuniperjunosMatch15.1f6-s4
ORjuniperjunosMatch15.1f6-s5
ORjuniperjunosMatch15.1f6-s6
ORjuniperjunosMatch15.1f6-s7
ORjuniperjunosMatch15.1f6-s8
ORjuniperjunosMatch15.1f6-s9
ORjuniperjunosMatch15.1f7
ORjuniperjunosMatch15.1r
ORjuniperjunosMatch15.1r1
ORjuniperjunosMatch15.1r2
ORjuniperjunosMatch15.1r3
ORjuniperjunosMatch15.1r4
ORjuniperjunosMatch15.1r4-s7
ORjuniperjunosMatch15.1r4-s8
ORjuniperjunosMatch15.1r4-s9
ORjuniperjunosMatch15.1r5
ORjuniperjunosMatch15.1r5-s1
ORjuniperjunosMatch15.1r5-s3
ORjuniperjunosMatch15.1r5-s5
ORjuniperjunosMatch15.1r5-s6
ORjuniperjunosMatch15.1r6
ORjuniperjunosMatch15.1r6-s1
ORjuniperjunosMatch15.1r6-s2
ORjuniperjunosMatch15.1r6-s3
ORjuniperjunosMatch15.1r6-s4
ORjuniperjunosMatch15.1r6-s6
ORjuniperjunosMatch15.1r7
ORjuniperjunosMatch15.1r7-s1
ORjuniperjunosMatch15.1r7-s10
ORjuniperjunosMatch15.1r7-s2
ORjuniperjunosMatch15.1r7-s3
ORjuniperjunosMatch15.1r7-s4
ORjuniperjunosMatch15.1r7-s5
ORjuniperjunosMatch15.1r7-s6
ORjuniperjunosMatch15.1r7-s7
ORjuniperjunosMatch15.1r7-s8
ORjuniperjunosMatch15.1r7-s9
ORjuniperjunosMatch18.3-
ORjuniperjunosMatch18.3r
ORjuniperjunosMatch18.3r1
ORjuniperjunosMatch18.3r1-s1
ORjuniperjunosMatch18.3r1-s2
ORjuniperjunosMatch18.3r1-s3
ORjuniperjunosMatch18.3r1-s4
ORjuniperjunosMatch18.3r1-s5
ORjuniperjunosMatch18.3r1-s6
ORjuniperjunosMatch18.3r2
ORjuniperjunosMatch18.3r2-s1
ORjuniperjunosMatch18.3r2-s2
ORjuniperjunosMatch18.3r2-s3
ORjuniperjunosMatch18.3r2-s4
ORjuniperjunosMatch18.3r3
ORjuniperjunosMatch18.3r3-s1
ORjuniperjunosMatch18.3r3-s2
ORjuniperjunosMatch18.3r3-s3
ORjuniperjunosMatch18.3r3-s4
ORjuniperjunosMatch18.3r3-s5
ORjuniperjunosMatch18.4-
ORjuniperjunosMatch18.4r1
ORjuniperjunosMatch18.4r1-s1
ORjuniperjunosMatch18.4r1-s2
ORjuniperjunosMatch18.4r1-s3
ORjuniperjunosMatch18.4r1-s4
ORjuniperjunosMatch18.4r1-s5
ORjuniperjunosMatch18.4r1-s6
ORjuniperjunosMatch18.4r1-s7
ORjuniperjunosMatch18.4r2
ORjuniperjunosMatch18.4r2-s1
ORjuniperjunosMatch18.4r2-s2
ORjuniperjunosMatch18.4r2-s3
ORjuniperjunosMatch18.4r2-s4
ORjuniperjunosMatch18.4r2-s5
ORjuniperjunosMatch18.4r2-s6
ORjuniperjunosMatch18.4r2-s7
ORjuniperjunosMatch18.4r2-s8
ORjuniperjunosMatch18.4r3
ORjuniperjunosMatch18.4r3-s1
ORjuniperjunosMatch18.4r3-s2
ORjuniperjunosMatch18.4r3-s3
ORjuniperjunosMatch18.4r3-s4
ORjuniperjunosMatch18.4r3-s5
ORjuniperjunosMatch18.4r3-s6
ORjuniperjunosMatch18.4r3-s7
ORjuniperjunosMatch18.4r3-s8
ORjuniperjunosMatch18.4r3-s9
ORjuniperjunosMatch19.1-
ORjuniperjunosMatch19.1r1
ORjuniperjunosMatch19.1r1-s1
ORjuniperjunosMatch19.1r1-s2
ORjuniperjunosMatch19.1r1-s3
ORjuniperjunosMatch19.1r1-s4
ORjuniperjunosMatch19.1r1-s5
ORjuniperjunosMatch19.1r1-s6
ORjuniperjunosMatch19.1r2
ORjuniperjunosMatch19.1r2-s1
ORjuniperjunosMatch19.1r2-s2
ORjuniperjunosMatch19.1r3
ORjuniperjunosMatch19.1r3-s1
ORjuniperjunosMatch19.1r3-s2
ORjuniperjunosMatch19.1r3-s3
ORjuniperjunosMatch19.1r3-s4
ORjuniperjunosMatch19.1r3-s5
ORjuniperjunosMatch19.1r3-s6
ORjuniperjunosMatch19.2-
ORjuniperjunosMatch19.2r1
ORjuniperjunosMatch19.2r1-s1
ORjuniperjunosMatch19.2r1-s2
ORjuniperjunosMatch19.2r1-s3
ORjuniperjunosMatch19.2r1-s4
ORjuniperjunosMatch19.2r1-s5
ORjuniperjunosMatch19.2r1-s6
ORjuniperjunosMatch19.2r1-s7
ORjuniperjunosMatch19.2r2
ORjuniperjunosMatch19.2r2-s1
ORjuniperjunosMatch19.2r3
ORjuniperjunosMatch19.2r3-s1
ORjuniperjunosMatch19.2r3-s2
ORjuniperjunosMatch19.2r3-s3
ORjuniperjunosMatch19.3-
ORjuniperjunosMatch19.3r1
ORjuniperjunosMatch19.3r1-s1
ORjuniperjunosMatch19.3r2
ORjuniperjunosMatch19.3r2-s1
ORjuniperjunosMatch19.3r2-s2
ORjuniperjunosMatch19.3r2-s3
ORjuniperjunosMatch19.3r2-s4
ORjuniperjunosMatch19.3r2-s5
ORjuniperjunosMatch19.3r2-s6
ORjuniperjunosMatch19.3r3
ORjuniperjunosMatch19.3r3-s1
ORjuniperjunosMatch19.3r3-s2
ORjuniperjunosMatch19.3r3-s3
ORjuniperjunosMatch19.4r1
ORjuniperjunosMatch19.4r1-s1
ORjuniperjunosMatch19.4r1-s2
ORjuniperjunosMatch19.4r1-s3
ORjuniperjunosMatch19.4r1-s4
ORjuniperjunosMatch19.4r2
ORjuniperjunosMatch19.4r2-s1
ORjuniperjunosMatch19.4r2-s2
ORjuniperjunosMatch19.4r2-s3
ORjuniperjunosMatch19.4r2-s4
ORjuniperjunosMatch19.4r2-s5
ORjuniperjunosMatch19.4r3
ORjuniperjunosMatch19.4r3-s1
ORjuniperjunosMatch19.4r3-s2
ORjuniperjunosMatch19.4r3-s3
ORjuniperjunosMatch19.4r3-s4
ORjuniperjunosMatch19.4r3-s5
ORjuniperjunosMatch20.1r1
ORjuniperjunosMatch20.1r1-s1
ORjuniperjunosMatch20.1r1-s2
ORjuniperjunosMatch20.1r1-s3
ORjuniperjunosMatch20.1r1-s4
ORjuniperjunosMatch20.1r2
ORjuniperjunosMatch20.1r2-s1
ORjuniperjunosMatch20.1r2-s2
ORjuniperjunosMatch20.1r3
ORjuniperjunosMatch20.1r3-s1
ORjuniperjunosMatch20.2r1
ORjuniperjunosMatch20.2r1-s1
ORjuniperjunosMatch20.2r1-s2
ORjuniperjunosMatch20.2r1-s3
ORjuniperjunosMatch20.2r2
ORjuniperjunosMatch20.2r2-s1
ORjuniperjunosMatch20.2r2-s2
ORjuniperjunosMatch20.2r2-s3
ORjuniperjunosMatch20.2r3
ORjuniperjunosMatch20.2r3-s1
ORjuniperjunosMatch20.2r3-s2
ORjuniperjunosMatch20.3r1
ORjuniperjunosMatch20.3r1-s1
ORjuniperjunosMatch20.3r2
ORjuniperjunosMatch20.3r2-s1
ORjuniperjunosMatch20.3r3
ORjuniperjunosMatch20.4r1
ORjuniperjunosMatch20.4r1-s1
ORjuniperjunosMatch20.4r2
ORjuniperjunosMatch20.4r2-s1
ORjuniperjunosMatch20.4r3
ORjuniperjunosMatch21.1r1
ORjuniperjunosMatch21.1r1-s1
ORjuniperjunosMatch21.1r2
ORjuniperjunosMatch21.2r1
CNA Affected
[
{
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "15.1R7-S11",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "18.3R3-S6",
"status": "affected",
"version": "18.3",
"versionType": "custom"
},
{
"lessThan": "18.4R2-S9, 18.4R3-S10",
"status": "affected",
"version": "18.4",
"versionType": "custom"
},
{
"lessThan": "19.1R2-S3, 19.1R3-S7",
"status": "affected",
"version": "19.1",
"versionType": "custom"
},
{
"lessThan": "19.2R1-S8, 19.2R3-S4",
"status": "affected",
"version": "19.2",
"versionType": "custom"
},
{
"lessThan": "19.3R3-S4",
"status": "affected",
"version": "19.3",
"versionType": "custom"
},
{
"lessThan": "19.4R3-S6",
"status": "affected",
"version": "19.4",
"versionType": "custom"
},
{
"lessThan": "20.1R3-S2",
"status": "affected",
"version": "20.1",
"versionType": "custom"
},
{
"lessThan": "20.2R3-S3",
"status": "affected",
"version": "20.2",
"versionType": "custom"
},
{
"lessThan": "20.3R3-S1",
"status": "affected",
"version": "20.3",
"versionType": "custom"
},
{
"lessThan": "20.4R3-S1",
"status": "affected",
"version": "20.4",
"versionType": "custom"
},
{
"lessThan": "21.1R2-S1, 21.1R3",
"status": "affected",
"version": "21.1",
"versionType": "custom"
},
{
"lessThan": "21.2R1-S1, 21.2R2",
"status": "affected",
"version": "21.2",
"versionType": "custom"
}
]
}
]References
Related
prion
prion
Information disclosure
2022-01-19 01:15:00
nvd
nvd
CVE-2022-22162
2022-01-19 01:15:08
cnvd
cnvd
nessus
nessus
Juniper Junos OS Vulnerability (JSA11270)
2022-01-12 00:00:00
6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.4 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
12.7%
Related for CVE-2022-22162