Vulnerabilities > CVE-2021-0252 - Unspecified vulnerability in Juniper Junos

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

juniper

NVD

Published: 2021-04-22

Updated: 2024-11-21

Summary

NFX Series devices using Juniper Networks Junos OS are susceptible to a local code execution vulnerability thereby allowing an attacker to elevate their privileges via the Junos Device Management Daemon (JDMD) process. This issue affects Juniper Networks Junos OS on NFX Series: 18.1 version 18.1R1 and later versions prior to 18.2R3-S5; 18.3 versions prior to 18.3R2-S4, 18.3R3-S3; 18.4 versions prior to 18.4R2-S5, 18.4R3-S4; 19.1 versions prior to 19.1R1-S3, 19.1R2; 19.2 versions prior to 19.2R1-S5, 19.2R2. This issue does not affect: Juniper Networks Junos OS versions prior to 18.1R1. This issue does not affect the JDMD as used by Junos Node Slicing such as External Servers use in conjunction with Junos Node Slicing and In-Chassis Junos Node Slicing on MX480, MX960, MX2008, MX2010, MX2020.

Vulnerable Configurations

Part	Description	Count
OS	Juniper Juniper Junos 18.1 Juniper Junos 18.2 Juniper Junos 18.3 Juniper Junos 18.4 Juniper Junos 19.1 Juniper Junos 19.2	80
Hardware	Juniper Juniper Nfx150 - Juniper Nfx250 - Juniper Nfx350 -	3

Summary

Vulnerable Configurations

References