SB2022101278 - Multiple vulnerabilities in Junos OS J-Web

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2022101278

SB2022101278 - Multiple vulnerabilities in Junos OS J-Web

Published: October 12, 2022 Updated: October 26, 2023

Security Bulletin ID SB2022101278
Severity
High
Patch available
YES
Number of vulnerabilities 6
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 17% Medium 33% Low 50%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 6 secuirty vulnerabilities.


1) Input validation error (CVE-ID: CVE-2022-22241)

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to insufficient validation of user-supplied input in the J-Web component. A remote attacker can send a specially crafted HTTP POST request to the affected system and execute arbitrary OS commands.


2) Cross-site scripting (CVE-ID: CVE-2022-22242)

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data in the J-Web component. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.


3) XPath Injection (CVE-ID: CVE-2022-22243)

The vulnerability allows a remote user to gain access to sensitive information.

The vulnerability exists due to improper input validation in the J-Web component. A remote authenticated user can add an XPath command to the XPath stream and gain access to sensitive information.


4) XPath Injection (CVE-ID: CVE-2022-22244)

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to improper input validation in the J-Web component. A remote non-authenticated attacker can send a specially crafted HTTP POST to reach the XPath channel and gain access to sensitive information.

5) Path traversal (CVE-ID: CVE-2022-22245)

The vulnerability allows a remote user to upload arbitrary files to the device.

The vulnerability exists due to input validation error when processing directory traversal sequences in the J-Web component. A remote authenticated user can send a specially crafted HTTP request and upload arbitrary files to the device.


6) PHP file inclusion (CVE-ID: CVE-2022-22246)

The vulnerability allows a remote user to include and execute arbitrary PHP files on the server.

The vulnerability exists due to incorrect input validation when including PHP files in the J-Web component. A remote authenticated user can send a specially crafted HTTP request to the affected application, include and execute arbitrary PHP code on the system with privileges of the web server.


Remediation

Install update from vendor's website.

References