Description: An Improper Input Validation vulnerability in J-Web of Juniper Networks Junos OS allows a locally authenticated attacker to escalate their privileges to root over the target device. junos:18.3R3-S5 junos:18.4R3-S9 junos:19.1R3-S6 junos:19.3R2-S6 junos:19.3R3-S3 junos:19.4R1-S4 junos:19.4R3-S4 junos:20.1R2-S2 junos:20.1R3 junos:20.2R3-S1 junos:20.3X75-D20 junos:20.3X75-D30 junos:20.4R2-S1 junos:20.4R3 junos:21.1R1-S1 junos:21.1R2 junos:21.2R1 junos:21.3R1 This issue affects: Juniper Networks Junos OS 19.3 versions 19.3R1 and above prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R3-S5; 20.1 versions prior to 20.1R2-S2, 20.1R3-S1; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R2-S1, 20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2. This issue does not affect Juniper Networks Junos OS versions prior to 19.3R1.
CVE-2021-0278
Published Date: 2021-07-15T20:15Z
Last Modified: 2021-07-28T14:30Z
CVSS Score: 7.8 (HIGH)
EPSS Score: 0.04%
Risk Score: 5.46 (HIGH)
Risk Score based on CVSS score and EPSS. This score is for reference purposes and is not internationally recognized.
CVSS:
7.8 |
EPSS:
0.04%
Mitre ATT&CK Technical v15.1
T1053.002 – At
Technical Analysis & Mitigation Measures
Reference Links
Vendor - Produce - Version
junos - juniper, junos - juniper, junos - juniper, junos - juniper, junos - juniper, junos - juniper, junos - juniper, junos - juniper, junos - juniper, junos - juniper, junos - juniper, junos - juniper, junos - juniper, junos - juniper, junos - juniper, junos - juniper, junos - juniper, junos - juniper, junos - juniper, junos - juniper, junos - juniper, junos - juniper, junos - juniper, junos - juniper, junos - juniper, junos - juniper, junos - juniper, junos - juniper, junos - juniper, junos - juniper, junos - juniper, junos - juniper, junos - juniper, junos - juniper, junos - juniper, junos - juniper, junos - juniper, junos - juniper, junos - juniper, junos - juniper, junos - juniper, junos - juniper, junos - juniper, junos - juniper, junos - juniper, junos - juniper, junos - juniper, junos - juniper, junos - juniper, junos - juniper
Disclaimer
The content on this website is automatically sourced from external websites such as the National Vulnerability Database (NVD), GitHub, and other security-related sources. This content is for reference purposes only, and we are not responsible for the accuracy or integrity of the information linked or displayed from these sources.