CVE-2022-22245

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS versions prior to 19.1R3-S9 Juniper Networks Junos OS 19.2 versions prior to 19.2R3-S6 Juniper Networks Junos OS 19.3 versions prior to 19.3R3-S7 Juniper Networks Junos OS 19.4 versions prior to 19.4R3-S9 Juniper Networks Junos OS 20.1 versions prior to 20.1R3-S5 Juniper Networks Junos OS 20.2 versions prior to 20.2R3-S5 Juniper Networks Junos OS 20.3 versions prior to 20.3R3-S5 Juniper Networks Junos OS 20.4 versions prior to 20.4R3-S4 Juniper Networks Junos OS 21.1 versions prior to 21.1R3-S2 Juniper Networks Junos OS 21.2 versions prior to 21.2R3-S1 Juniper Networks Junos OS 21.3 versions prior to 21.3R2-S2, 21.3R3 Juniper Networks Junos OS 21.4 versions prior to 21.4R1-S2, 21.4R2-S1, 21.4R3 Juniper Networks Junos OS 22.1 versions prior to 22.1R1-S1, 22.1R2

Description A Path Traversal vulnerability in the J-Web component of Juniper Networks Junos OS allows an authenticated attacker to upload arbitrary files to the device by bypassing validation checks built into Junos OS. The attacker should not be able to execute the file due to validation checks built into Junos OS. Successful exploitation of this vulnerability could lead to loss of filesystem integrity.

Recommendations For Juniper Networks Junos OS versions prior to 19.1R3-S9, update to version 19.1R3-S9 or later. For Juniper Networks Junos OS 19.2 versions prior to 19.2R3-S6, update to version 19.2R3-S6 or later. For Juniper Networks Junos OS 19.3 versions prior to 19.3R3-S7, update to version 19.3R3-S7 or later. For Juniper Networks Junos OS 19.4 versions prior to 19.4R3-S9, update to version 19.4R3-S9 or later. For Juniper Networks Junos OS 20.1 versions prior to 20.1R3-S5, update to version 20.1R3-S5 or later. For Juniper Networks Junos OS 20.2 versions prior to 20.2R3-S5, update to version 20.2R3-S5 or later. For Juniper Networks Junos OS 20.3 versions prior to 20.3R3-S5, update to version 20.3R3-S5 or later. For Juniper Networks Junos OS 20.4 versions prior to 20.4R3-S4, update to version 20.4R3-S4 or later. For Juniper Networks Junos OS 21.1 versions prior to 21.1R3-S2, update to version 21.1R3-S2 or later. For Juniper Networks Junos OS 21.2 versions prior to 21.2R3-S1, update to version 21.2R3-S1 or later. For Juniper Networks Junos OS 21.3 versions prior to 21.3R2-S2, 21.3R3, update to version 21.3R2-S2, 21.3R3 or later. For Juniper Networks Junos OS 21.4 versions prior to 21.4R1-S2, 21.4R2-S1, 21.4R3, update to version 21.4R1-S2, 21.4R2-S1, 21.4R3 or later. For Juniper Networks Junos OS 22.1 versions prior to 22.1R1-S1, 22.1R2, update to version 22.1R1-S1, 22.1R2 or later.