Six high-severity security flaws have been detected to affect Juniper Networks devices that remote attackers can exploit via code execution. These vulnerabilities in Junos OS include CVE-2022-22246, CVE-2022-22245, CVE-2022-22244, CVE-2022-22243, CVE-2022-22242, and CVE-2022-22241.
According to Paulos Yibelo- an Octagon Networks researcher, the most severe among these vulnerabilities is CVE-2022-22241. He said, “When an unauthenticated, remote attacker exploits this vulnerability, he can get access to deserialized phar files that lead to arbitrary file write, and thus the remote code execution occurs.”
This blog post explains all six newly disclosed vulnerabilities in Junos OS and implementation steps on how you can fix these vulnerabilities.
Summary of CVE-2022-22241
CVE-2022-22241 has a CVSS score of 8.1 and is a vulnerability in the Junos OS J-Web component. Improper Input Validation vulnerability can allow a remote attacker to access data without proper authorization.
The hackers use a crafting POST request that leads to deserialization and helps them to access local files and perform arbitrary commands remotely.
Summary of CVE-2022-22242
CVE-2022-22242 with a CVSS score 6.1 is a Cross-site Scripting (XSS) vulnerability in the Junos OS J-Web component. This vulnerability allows a remote attacker to run corrupt scripts on the victim’s browser. This script provides the attackers with the victim’s system control in the context of their J-Web session.
Summary of CVE-2022-22243:
CVE-2022-22243 has a CVSS score of 4.3 is a XPath Injection vulnerability also in the Junos OS J-Web component. It is due to Improper Input Validation. Attackers can add an XPath command to the XPath stream that allows them to chain to other unspecified vulnerabilities. This leads to the partial loss of confidentiality.
Summary of CVE-2022-22244:
An XPath Injection Vulnerability in the Junos OS J-Web component- CVE-2022-22244, is an opportunity for unauthorized attackers. It has a CVSS score of 5.3. They can send a crafted POST to reach the XPath channel, allowing them to exploit other unspecified vulnerabilities.
This vulnerability can cause partial loss to vulnerabilities and has affected many versions of Juniper Networks Junos OS.
Summary of CVE-2022-22245:
CVE-2022-22245 has a CVSS score of 4.3 and is a Path Traversal vulnerability present in the Junos OS J-Web component. Unauthorized attackers can exploit this vulnerability by uploading arbitrary files to the victim’s system/device, bypassing the verification checks in Junos OS.
The hacker finds it challenging to execute the file due to the verification check in Junos OS. However, if hackers become successful in exploiting the vulnerability, they can get control over the system, and this leads to a loss of filesystem integrity.
Summary of CVE-2022-22246
CVE-2022-22246 has a CVSS score of 7.5 and is a PHP File Inclusion vulnerability that can lead to complete system compromise. This one of the newly disclosed vulnerabilities in Junos OS can allow low-privileged authenticated attackers to run an untrusted PHP file.
Hackers can chain this vulnerability with various other unspecified vulnerabilities in the system that can lead to the successful exploitation of CVE-2022-22246. The successful exploitation of this vulnerability can give hackers complete access to the system and compromise any sensitive data/information
Junos OS Versions Affected by These Vulnerabilities
Below are the Juniper Networks Junos OS versions affected by these newly disclosed vulnerabilities in Junos OS:
- All versions previous than 19.1R3-S9
- 19.2 and versions up to 19.2R3-S6
- 19.3 and versions up to 19.3R3-S7
- 19.4 and versions up to 19.4R3-S9
- 20.1 and versions up to 20.1R3-S5
- 20.2 and versions up to 20.2R3-S5
- 20.3 and versions up to 20.3R3-S5
- 20.4 and versions up to 20.4R3-S4
- 21.1 and versions up to 21.1R3-S3
- 21.2 and versions up to 21.2R3-S1
- 21.3 and versions up to 21.3R3
- 21.4 and versions up to 21.4R1-S2, 21.4R2
- 22.1 and versions up to 22.1R1-S1, 22.1R2.
How to Fix the Six Newly Disclosed Vulnerabilities in Junos OS?
Considering the severity of these vulnerabilities’ effect on the Junos OS versions, it released the software releases for the versions to resolve the specific issues. The versions include; Junos OS 19.1R3-S9, 19.4R3-S9, 19.3R3-S7, 19.2R3-S6, 20.1R3-S5, 20.3R3-S5, 20.2R3-S5, 20.4R3-S4, 21.3R3, 22.2R1, 21.1R3-S2, 22.1R2, 21.4R3 and all subsequent releases.
To protect your Junos OS versions from being affected by these newly disclosed vulnerabilities in Junos OS, you can do the following things;
- Navigate to https://support.juniper.net/support/downloads/.and download the releases/patches for your Junos OS version.
- You can disable J-Web and also limit access to only trusted hosts.
Junos OS’s six vulnerabilities affect most of the Junos OS versions. To keep your systems protected from these vulnerabilities to affect, it is necessary to follow the guidelines released by Junos Network security. Juniper Network Support can guide you on how to update your versions to keep them most protected.