Unrated severityNVD Advisory· Published Oct 18, 2022· Updated May 8, 2025
cSRX Series: Storing Passwords in a Recoverable Format and software permissions issues allows a local attacker to elevate privileges
CVE-2022-22251
Description
On cSRX Series devices software permission issues in the container filesystem and stored files combined with storing passwords in a recoverable format in Juniper Networks Junos OS allows a local, low-privileged attacker to elevate their permissions to take control of any instance of a cSRX software deployment. This issue affects Juniper Networks Junos OS 20.2 version 20.2R1 and later versions prior to 21.2R1 on cSRX Series.
Affected products
2>=20.2R1, <21.2R1+ 1 more
- (no CPE)range: >=20.2R1, <21.2R1
- (no CPE)range: 20.2R1
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.