Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2022-22187
HistoryApr 14, 2022 - 4:15 p.m.

Privilege escalation

2022-04-1416:15:00
PRIOn knowledge base
www.prio-n.com
8

7.5 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

An Improper Privilege Management vulnerability in the Windows Installer framework used in the Juniper Networks Juniper Identity Management Service (JIMS) allows an unprivileged user to trigger a repair operation. Running a repair operation, in turn, will trigger a number of file operations in the %TEMP% folder of the user triggering the repair. Some of these operations will be performed from a SYSTEM context (started via the Windows Installer service), including the execution of temporary files. An attacker may be able to provide malicious binaries to the Windows Installer, which will be executed with high privilege, leading to a local privilege escalation. This issue affects Juniper Networks Juniper Identity Management Service (JIMS) versions prior to 1.4.0.

CPENameOperatorVersion
identity_management_servicelt1.4.0

Related

cve 1
nvd 1
cvelist 1
cve
cve
CVE-2022-22187
2022-04-14 16:15:08
nvd
nvd
CVE-2022-22187
2022-04-14 16:15:08
cvelist
cvelist
CVE-2022-22187 JIMS: Local Privilege Escalation vulnerability via repair functionality
2022-04-13 00:00:00

7.5 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON
Related for PRION:CVE-2022-22187
cve1nvd1cvelist1