Details of VAR-202201-0632

ID

VAR-202201-0632

CVE

CVE-2022-22154

TITLE

Juniper Networks Junos OS Vulnerability in leaking resources to the wrong area in

Trust: 0.8

sources: JVNDB: JVNDB-2022-004215

DESCRIPTION

In a Junos Fusion scenario an External Control of Critical State Data vulnerability in the Satellite Device (SD) control state machine of Juniper Networks Junos OS allows an attacker who is able to make physical changes to the cabling of the device to cause a denial of service (DoS). An SD can get rebooted and subsequently controlled by an Aggregation Device (AD) which does not belong to the original Fusion setup and is just connected to an extended port of the SD. To carry out this attack the attacker needs to have physical access to the cabling between the SD and the original AD. This issue affects: Juniper Networks Junos OS 16.1R1 and later versions prior to 18.4R3-S10; 19.1 versions prior to 19.1R3-S7; 19.2 versions prior to 19.2R3-S4. This issue does not affect Juniper Networks Junos OS versions prior to 16.1R1. Juniper Networks Junos OS Exists in a vulnerability related to the leakage of resources to the wrong area.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The operating system provides a secure programming interface and Junos SDK. An attacker could cause a denial of service by modifying the device cabling

Trust: 1.8

sources: NVD: CVE-2022-22154 // JVNDB: JVNDB-2022-004215 // VULHUB: VHN-409683 // VULMON: CVE-2022-22154

AFFECTED PRODUCTS

vendor:	juniper	model:	junos	scope:	eq	version:	17.3	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	18.1	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	17.1	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	18.2	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	18.1x75	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	18.2x75-d10	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	16.1	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	18.2x75	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	16.1x65	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	18.4	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	17.2	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	18.3	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	17.4	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	18.2x75-d30	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	16.2	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	19.1	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	16.1x70	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	17.2x75	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	19.2	Trust: 1.0
vendor:	ジュニパーネットワークス	model:	junos os	scope:	-	version:	-	Trust: 0.8
vendor:	ジュニパーネットワークス	model:	junos os	scope:	eq	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2022-004215 // NVD: CVE-2022-22154

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-22154
value:	MEDIUM
Trust: 1.0
sirt@juniper.net:	CVE-2022-22154
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2022-22154
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-202201-1384
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-409683
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2022-22154
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2022-22154
severity:	MEDIUM
baseScore:	4.6
vectorString:	AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-409683
severity:	MEDIUM
baseScore:	4.6
vectorString:	AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2022-22154
baseSeverity:	MEDIUM
baseScore:	6.8
vectorString:	CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	PHYSICAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	0.9
impactScore:	5.9
version:	3.1
Trust: 2.0
OTHER:	JVNDB-2022-004215
baseSeverity:	MEDIUM
baseScore:	6.8
vectorString:	CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	PHYSICAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-409683 // VULMON: CVE-2022-22154 // JVNDB: JVNDB-2022-004215 // CNNVD: CNNVD-202201-1384 // NVD: CVE-2022-22154 // NVD: CVE-2022-22154

PROBLEMTYPE DATA

problemtype:	CWE-668	Trust: 1.1
problemtype:	CWE-642	Trust: 1.0
problemtype:	Leakage of resources to the wrong area (CWE-668) [NVD evaluation ]	Trust: 0.8

sources: VULHUB: VHN-409683 // JVNDB: JVNDB-2022-004215 // NVD: CVE-2022-22154

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202201-1384

PATCH

title:	JSA11262	url:	https://supportportal.juniper.net/s/article/2022-01-Security-Bulletin-Junos-Fusion-A-Satellite-Device-can-be-controlled-by-rewiring-it-to-a-foreign-AD-causing-a-DoS-CVE-2022-22154?language=en_US	Trust: 0.8
title:	Juniper Networks Junos OS Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=178848	Trust: 0.6
title:	CVE-2022-XXXX	url:	https://github.com/AlphabugX/CVE-2022-23305	Trust: 0.1
title:	CVE-2022-XXXX	url:	https://github.com/AlphabugX/CVE-2022-RCE	Trust: 0.1

sources: VULMON: CVE-2022-22154 // JVNDB: JVNDB-2022-004215 // CNNVD: CNNVD-202201-1384

EXTERNAL IDS

db:	NVD	id:	CVE-2022-22154	Trust: 3.4
db:	JUNIPER	id:	JSA11262	Trust: 1.8
db:	JVNDB	id:	JVNDB-2022-004215	Trust: 0.8
db:	CNNVD	id:	CNNVD-202201-1384	Trust: 0.7
db:	CS-HELP	id:	SB2022011704	Trust: 0.6
db:	CNVD	id:	CNVD-2022-08293	Trust: 0.1
db:	VULHUB	id:	VHN-409683	Trust: 0.1
db:	VULMON	id:	CVE-2022-22154	Trust: 0.1

sources: VULHUB: VHN-409683 // VULMON: CVE-2022-22154 // JVNDB: JVNDB-2022-004215 // CNNVD: CNNVD-202201-1384 // NVD: CVE-2022-22154

REFERENCES

url:	https://kb.juniper.net/jsa11262	Trust: 1.8
url:	https://nvd.nist.gov/vuln/detail/cve-2022-22154	Trust: 1.4
url:	https://www.cybersecurity-help.cz/vdb/sb2022011704	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/668.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://github.com/alphabugx/cve-2022-23305	Trust: 0.1

sources: VULHUB: VHN-409683 // VULMON: CVE-2022-22154 // JVNDB: JVNDB-2022-004215 // CNNVD: CNNVD-202201-1384 // NVD: CVE-2022-22154

SOURCES

db:	VULHUB	id:	VHN-409683
db:	VULMON	id:	CVE-2022-22154
db:	JVNDB	id:	JVNDB-2022-004215
db:	CNNVD	id:	CNNVD-202201-1384
db:	NVD	id:	CVE-2022-22154

LAST UPDATE DATE

2024-08-14T15:27:31.710000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-409683	date:	2022-01-28T00:00:00
db:	VULMON	id:	CVE-2022-22154	date:	2022-01-28T00:00:00
db:	JVNDB	id:	JVNDB-2022-004215	date:	2023-03-31T05:50:00
db:	CNNVD	id:	CNNVD-202201-1384	date:	2022-03-10T00:00:00
db:	NVD	id:	CVE-2022-22154	date:	2022-01-28T19:53:10.943

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-409683	date:	2022-01-19T00:00:00
db:	VULMON	id:	CVE-2022-22154	date:	2022-01-19T00:00:00
db:	JVNDB	id:	JVNDB-2022-004215	date:	2023-03-31T00:00:00
db:	CNNVD	id:	CNNVD-202201-1384	date:	2022-01-17T00:00:00
db:	NVD	id:	CVE-2022-22154	date:	2022-01-19T01:15:08.257