Multiple Vulnerabilities Detected in Juniper Networks Junos OS

October 18, 2022
11:17 am

[vc_row pix_particles_check=”” nav_skin=”light” consent_include=”include”][vc_column][vc_column_text]Multiple critical security vulnerabilities have been identified in Junos OS, a network operating system used in security and network devices developed by Juniper Networks. The vulnerabilities allow threat actors to perform unauthorized file access, cross-site scripting (XSS), and directory traversal attacks.

Some of the detected security vulnerabilities are as follows;

The security vulnerability, tracked as CVE-2022-22241, is due to incorrect login validation affecting the J-Web component of Juniper Networks Junos OS. As a result, an unauthenticated threat actor that successfully exploits the vulnerability can gain access to data through a specially crafted POST request without proper authorization.
The vulnerability, tracked as CVE-2022-22246, is a PHP Local File Inclusion (LFI) vulnerability that affects the J-Web component of Juniper Networks Junos OS and could allow a low-privileged authenticated threat actor to execute a malicious PHP file on the vulnerable system.
The vulnerability tracked as CVE-2022-22242 is a Cross-Site Scripting (XSS) vulnerability that affects the J-Web component of Juniper Networks Junos OS and could allow an unauthenticated threat actor to run malicious scripts in the user’s browser in the context of a J-Web session.
The vulnerability tracked as CVE-2022-22244 is an XPath Injection vulnerability that affects the J-Web component of Juniper Networks Junos OS. An unauthenticated threat actor can exploit the vulnerability through a specially crafted POST request.

These vulnerabilities, which affect all versions of the Junos operating system, are critically rated as high and have been fixed with the updates released by Juniper Networks. In this context, in order not to be the target of attacks that can be carried out using vulnerabilities, it is recommended that vulnerable Junos OS users upgrade immediately to released updates, while as a workaround, disable J-Web or restrict access to trusted hosts only.[/vc_column_text][vc_empty_space][/vc_column][/vc_row]

Multiple Vulnerabilities Detected in Juniper Networks Junos OS

Share This:

Channel Partners

Become A Partner

Partner Portal Login

The Bridge Partner Program

Blog

Customer Stories

Datasheets

e-Books

Events

Glossary

Threat Intelligence Researches

Reports

Security News

Infographics

Whitepapers

Explore Our Ransomware Threats Report

Platform Overview

Brand Protection

Exposure Management

Cyber Threat Intelligence

Supply Chain Security

Technology Integrations

CONTACT US

About Us

Careers

News

Awards

Logos & Press Kit

Threat Intelligence Services

Brand Monitoring

Fraud Protection

VIP Security

Vulnerability Intelligence

Attack Surface Management

Preventing Data Leakage

Phishing Monitoring

Account Takeover Detection

Stolen Credit Cards

Dark Web Monitoring

Remediation and Takedown