Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2021-31360 | First vendor Publication | 2021-10-19 |
Vendor | Cve | Last vendor Modification | 2024-11-21 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:N/C:N/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 6.6 | Attack Range | Local |
Cvss Impact Score | 9.2 | Attack Complexity | Low |
Cvss Expoit Score | 3.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
An improper privilege management vulnerability in the Juniper Networks Junos OS and Junos OS Evolved command-line interpreter (CLI) allows a low-privileged user to overwrite local files as root, possibly leading to a system integrity issue or Denial of Service (DoS). Depending on the files overwritten, exploitation of this vulnerability could lead to a sustained Denial of Service (DoS) condition, requiring manual user intervention to recover. Systems are only vulnerable if jdhcpd is running, which can be confirmed via the 'show system processes' command. For example: root@host# run show system processes extensive | match dhcp 26537 root -16 0 97568K 13692K RUN 0 0:01 3.71% jdhcpd This issue affects: Juniper Networks Junos OS: All versions, including the following supported releases: 15.1 versions prior to 15.1R7-S10; 17.4 versions prior to 17.4R3-S5; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R3-S9; 19.1 versions prior to 19.1R3-S6; 19.2 versions prior to 19.2R1-S7, 19.2R3-S3; 19.3 versions prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R3-S6; 20.1 versions prior to 20.1R2-S2, 20.1R3-S1; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R2-S1, 20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2. Juniper Networks Junos OS Evolved: All versions prior to 20.4R2-S3-EVO; All versions of 21.1-EVO. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31360 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-269 | Improper Privilege Management |
50 % | CWE-20 | Improper Input Validation |
CPE : Common Platform Enumeration
Sources (Detail)
Source | Url |
---|
Alert History
Date | Informations |
---|---|
2024-11-28 13:56:26 |
|
2022-10-27 21:27:40 |
|
2022-04-19 00:23:10 |
|
2021-11-18 05:23:04 |
|
2021-11-10 09:23:21 |
|
2021-11-02 17:23:02 |
|
2021-10-26 01:47:57 |
|
2021-10-25 21:22:56 |
|
2021-10-20 00:22:50 |
|