7.4

CVE-2022-22156

Exploit

An Improper Certificate Validation weakness in the Juniper Networks Junos OS allows an attacker to perform Person-in-the-Middle (PitM) attacks when a system script is fetched from a remote source at a specified HTTPS URL, which may compromise the integrity and confidentiality of the device. The following command can be executed by an administrator via the CLI to refresh a script from a remote location, which is affected from this vulnerability: >request system scripts refresh-from (commit | event | extension-service | op | snmp) file filename url <https-url> This issue affects: Juniper Networks Junos OS All versions prior to 18.4R2-S9, 18.4R3-S9; 19.1 versions prior to 19.1R2-S3, 19.1R3-S7; 19.2 versions prior to 19.2R1-S7, 19.2R3-S3; 19.3 versions prior to 19.3R3-S4; 19.4 versions prior to 19.4R3-S7; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R3; 20.3 versions prior to 20.3R2-S1, 20.3R3; 20.4 versions prior to 20.4R2; 21.1 versions prior to 21.1R1-S1, 21.1R2.

Data is provided by the National Vulnerability Database (NVD)
JuniperJunos Version <= 18.3
JuniperJunos Version18.4 Update-
JuniperJunos Version18.4 Updater1
JuniperJunos Version18.4 Updater1-s1
JuniperJunos Version18.4 Updater1-s2
JuniperJunos Version18.4 Updater1-s3
JuniperJunos Version18.4 Updater1-s4
JuniperJunos Version18.4 Updater1-s5
JuniperJunos Version18.4 Updater1-s6
JuniperJunos Version18.4 Updater1-s7
JuniperJunos Version18.4 Updater2
JuniperJunos Version18.4 Updater2-s1
JuniperJunos Version18.4 Updater2-s2
JuniperJunos Version18.4 Updater2-s3
JuniperJunos Version18.4 Updater2-s4
JuniperJunos Version18.4 Updater2-s5
JuniperJunos Version18.4 Updater2-s6
JuniperJunos Version18.4 Updater2-s7
JuniperJunos Version18.4 Updater2-s8
JuniperJunos Version18.4 Updater3
JuniperJunos Version18.4 Updater3-s1
JuniperJunos Version18.4 Updater3-s2
JuniperJunos Version18.4 Updater3-s3
JuniperJunos Version18.4 Updater3-s4
JuniperJunos Version18.4 Updater3-s5
JuniperJunos Version18.4 Updater3-s6
JuniperJunos Version18.4 Updater3-s7
JuniperJunos Version18.4 Updater3-s8
JuniperJunos Version19.1 Update-
JuniperJunos Version19.1 Updater1
JuniperJunos Version19.1 Updater1-s1
JuniperJunos Version19.1 Updater1-s2
JuniperJunos Version19.1 Updater1-s3
JuniperJunos Version19.1 Updater1-s4
JuniperJunos Version19.1 Updater1-s5
JuniperJunos Version19.1 Updater1-s6
JuniperJunos Version19.1 Updater2
JuniperJunos Version19.1 Updater2-s1
JuniperJunos Version19.1 Updater2-s2
JuniperJunos Version19.1 Updater3
JuniperJunos Version19.1 Updater3-s1
JuniperJunos Version19.1 Updater3-s2
JuniperJunos Version19.1 Updater3-s3
JuniperJunos Version19.1 Updater3-s4
JuniperJunos Version19.1 Updater3-s5
JuniperJunos Version19.1 Updater3-s6
JuniperJunos Version19.2 Update-
JuniperJunos Version19.2 Updater1
JuniperJunos Version19.2 Updater1-s1
JuniperJunos Version19.2 Updater1-s2
JuniperJunos Version19.2 Updater1-s3
JuniperJunos Version19.2 Updater1-s4
JuniperJunos Version19.2 Updater1-s5
JuniperJunos Version19.2 Updater1-s6
JuniperJunos Version19.2 Updater2
JuniperJunos Version19.2 Updater2-s1
JuniperJunos Version19.2 Updater3
JuniperJunos Version19.2 Updater3-s1
JuniperJunos Version19.2 Updater3-s2
JuniperJunos Version19.3 Update-
JuniperJunos Version19.3 Updater1
JuniperJunos Version19.3 Updater1-s1
JuniperJunos Version19.3 Updater2
JuniperJunos Version19.3 Updater2-s1
JuniperJunos Version19.3 Updater2-s2
JuniperJunos Version19.3 Updater2-s3
JuniperJunos Version19.3 Updater2-s4
JuniperJunos Version19.3 Updater2-s5
JuniperJunos Version19.3 Updater2-s6
JuniperJunos Version19.3 Updater3
JuniperJunos Version19.3 Updater3-s1
JuniperJunos Version19.3 Updater3-s2
JuniperJunos Version19.3 Updater3-s3
JuniperJunos Version19.4 Updater1
JuniperJunos Version19.4 Updater1-s1
JuniperJunos Version19.4 Updater1-s2
JuniperJunos Version19.4 Updater1-s3
JuniperJunos Version19.4 Updater1-s4
JuniperJunos Version19.4 Updater2
JuniperJunos Version19.4 Updater2-s1
JuniperJunos Version19.4 Updater2-s2
JuniperJunos Version19.4 Updater2-s3
JuniperJunos Version19.4 Updater2-s4
JuniperJunos Version19.4 Updater2-s5
JuniperJunos Version19.4 Updater3
JuniperJunos Version19.4 Updater3-s1
JuniperJunos Version19.4 Updater3-s2
JuniperJunos Version19.4 Updater3-s3
JuniperJunos Version19.4 Updater3-s4
JuniperJunos Version19.4 Updater3-s5
JuniperJunos Version19.4 Updater3-s6
JuniperJunos Version20.1 Updater1
JuniperJunos Version20.1 Updater1-s1
JuniperJunos Version20.1 Updater1-s2
JuniperJunos Version20.1 Updater1-s3
JuniperJunos Version20.1 Updater1-s4
JuniperJunos Version20.1 Updater2
JuniperJunos Version20.1 Updater2-s1
JuniperJunos Version20.2 Updater1
JuniperJunos Version20.2 Updater1-s1
JuniperJunos Version20.2 Updater1-s2
JuniperJunos Version20.2 Updater1-s3
JuniperJunos Version20.2 Updater2
JuniperJunos Version20.2 Updater2-s1
JuniperJunos Version20.2 Updater2-s2
JuniperJunos Version20.2 Updater2-s3
JuniperJunos Version20.3 Updater1
JuniperJunos Version20.3 Updater1-s1
JuniperJunos Version20.3 Updater2
JuniperJunos Version20.4 Updater1
JuniperJunos Version20.4 Updater1-s1
JuniperJunos Version21.1 Updater1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.12% 0.271
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.4 2.2 5.2
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
nvd@nist.gov 5.8 8.6 4.9
AV:N/AC:M/Au:N/C:P/I:P/A:N
sirt@juniper.net 6.5 2.2 4.2
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N
CWE-295 Improper Certificate Validation

The product does not validate, or incorrectly validates, a certificate.

CWE-300 Channel Accessible by Non-Endpoint

The product does not adequately verify the identity of actors at both ends of a communication channel, or does not adequately ensure the integrity of the channel, in a way that allows the channel to be accessed or influenced by an actor that is not an endpoint.

CWE-358 Improperly Implemented Security Check for Standard

The product does not implement or incorrectly implements one or more security-relevant checks as specified by the design of a standardized algorithm, protocol, or technique.

https://kb.juniper.net/JSA11264
Vendor Advisory
Exploit