CVE-2022-22246

Name of the Vulnerable Software and Affected Versions Junos OS versions prior to 19.1R3-S9 Junos OS versions 19.2 prior to 19.2R3-S6 Junos OS versions 19.3 prior to 19.3R3-S6 Junos OS versions 19.4 prior to 19.4R2-S7 Junos OS versions 19.4 prior to 19.4R3-S8 Junos OS versions 20.1 prior to 20.1R3-S5 Junos OS versions 20.2 prior to 20.2R3-S5 Junos OS versions 20.3 prior to 20.3R3-S5 Junos OS versions 20.4 prior to 20.4R3-S4 Junos OS versions 21.1 prior to 21.1R3-S2 Junos OS versions 21.2 prior to 21.2R3-S1 Junos OS versions 21.3 prior to 21.3R2-S2 Junos OS versions 21.3 prior to 21.3R3 Junos OS versions 21.4 prior to 21.4R1-S2 Junos OS versions 21.4 prior to 21.4R2-S1 Junos OS versions 21.4 prior to 21.4R3 Junos OS versions 22.1 prior to 22.1R1-S1 Junos OS versions 22.1 prior to 22.1R2

Description A PHP Local File Inclusion (LFI) vulnerability in the J-Web component of Juniper Networks Junos OS may allow a low-privileged authenticated attacker to execute an untrusted PHP file. Successful exploitation could lead to a complete system compromise by chaining this vulnerability with other unspecified vulnerabilities and circumventing existing attack requirements.

Recommendations For Junos OS versions prior to 19.1R3-S9, update to version 19.1R3-S9 or later. For Junos OS versions 19.2 prior to 19.2R3-S6, update to version 19.2R3-S6 or later. For Junos OS versions 19.3 prior to 19.3R3-S6, update to version 19.3R3-S6 or later. For Junos OS versions 19.4 prior to 19.4R2-S7, update to version 19.4R2-S7 or later. For Junos OS versions 19.4 prior to 19.4R3-S8, update to version 19.4R3-S8 or later. For Junos OS versions 20.1 prior to 20.1R3-S5, update to version 20.1R3-S5 or later. For Junos OS versions 20.2 prior to 20.2R3-S5, update to version 20.2R3-S5 or later. For Junos OS versions 20.3 prior to 20.3R3-S5, update to version 20.3R3-S5 or later. For Junos OS versions 20.4 prior to 20.4R3-S4, update to version 20.4R3-S4 or later. For Junos OS versions 21.1 prior to 21.1R3-S2, update to version 21.1R3-S2 or later. For Junos OS versions 21.2 prior to 21.2R3-S1, update to version 21.2R3-S1 or later. For Junos OS versions 21.3 prior to 21.3R2-S2, update to version 21.3R2-S2 or later. For Junos OS versions 21.3 prior to 21.3R3, update to version 21.3R3 or later. For Junos OS versions 21.4 prior to 21.4R1-S2, update to version 21.4R1-S2 or later. For Junos OS versions 21.4 prior to 21.4R2-S1, update to version 21.4R2-S1 or later. For Junos OS versions 21.4 prior to 21.4R3, update to version 21.4R3 or later. For Junos OS versions 22.1 prior to 22.1R1-S1, update to version 22.1R1-S1 or later. For Junos OS versions 22.1 prior to 22.1R2, update to version 22.1R2 or later.