Improper Initialization in Junos OS Evolved

#VU59570 Improper Initialization in Junos OS Evolved

Cybersecurity Help s.r.o.

Published: 2022-01-12 | Updated: 2024-01-12

Vulnerability identifier: #VU59570

Vulnerability risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-22164

CWE-ID: CWE-665

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Junos OS Evolved
Operating systems & Components / Operating system

Vendor: Juniper Networks, Inc.

Description

The vulnerability allows a remote attacker to abuse the system.

The vulnerability exists due to improper initialization, where a commit operation for disabling the telnet service does not take effect as expected, resulting in the telnet service staying enabled.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Junos OS Evolved: 21.4R1-EVO - 21.4R3-S2-EVO, 22.4R1-EVO - 22.4R1-S2-EVO, 22.2-EVO - 22.2R2-S2-EVO, 22.3R1-EVO - 22.3R1-S2-EVO, 21.2-EVO - 21.2R1-S2-EVO, 20.4R1-EVO - 20.4R2-S1-EVO, 21.1-EVO - 21.1R3-S4-EVO

External links
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA11272&cat=SIRT_1&actp=LIST
http://supportportal.juniper.net/s/article/2022-01-Security-Bulletin-Junos-OS-Evolved-Telnet-service-may-be-enabled-when-it-is-expected-to-be-disabled-CVE-2022-22164

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Unexpected behavior of Telnet service Junos OS Evolved