(CVE-2022-22241, CVE-2022-22242, CVE-2022-22243, CVE-2022-22244, CVE-2022-22245, CVE-2022-22246)
Multiple high-severity security flaws have been disclosed as affecting Juniper Networks devices (J-Web component of Juniper Networks Junos OS), some of which could be exploited to achieve code execution. Users of Juniper Networks firewalls, routers, and switches are recommended to apply the latest software patch available for Junos OS to mitigate threats.
|Product Affected||Vulnerable Version||CVE-CVSS Associated||Risk / Details for vulnerability||Recommendations|
|All versions of Junos OS||CVE-2022-22241 CVE-2022-22242 CVE-2022-22243 |
CVE-2022-22244 CVE-2022-22245 CVE-2022-22246
|High – Arbitrary code execution, local file inclusion, cross-site scripting attacks, path injection and traversal||Update systems with latest security patches. |
Workaround: Disable J-Web, or limit access to only trusted hosts
Security On-Demand recommends updating all Juniper devices to the latest OS versions, as stated by Juniper as well. The software releases that have been updated to resolve these specific issues are: Junos OS 19.1R3-S9, 19.2R3-S6, 19.3R3-S7, 19.4R3-S9, 20.1R3-S5, 20.2R3-S5, 20.3R3-S5, 20.4R3-S4, 21.1R3-S2, 21.3R3, 21.4R3, 22.1R2, 22.2R1, and all subsequent releases. Is upgrading is not an option, Juniper also recommends disabling the J-Web console, or limiting access to these devices from only trusted hosts.
SOD Threat Recon Unit will also keep track of any exploitation tool or PoC (Proof of Concept) that could leverage the usage of these vulnerabilities to exploit systems actively. Information about new IoCs and IoAs will be included proactively as part of the monitoring mechanism included on Threat Watch on their multiple service tiers.
Please contact your Security On-Demand Customer Success Manager if you have any questions about this alert.