PT-2022-5204 · Juniper Networks · Junos

Published 2022-10-12 · Updated 2022-10-21 · CVE-2022-22251

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Juniper Networks Junos OS versions 20.2R1 through 21.2R1 on cSRX Series

Description

The issue is related to software permission problems in the container filesystem and stored files, combined with the storage of passwords in a recoverable format in Juniper Networks Junos OS. This allows a local, low-privileged attacker to elevate their permissions and take control of any instance of a cSRX software deployment.

Recommendations

For versions 20.2R1 through 21.2R1, update to version 21.2R1 or later to resolve the issue. At the moment, there is no information about additional mitigation measures for this vulnerability.

Fix

Weakness Enumeration

Incorrect Default Permissions
Insufficiently Protected Credentials

Related Identifiers

BDU:2022-06461
CVE-2022-22251

Affected Products

Junos