cvelistv5 - cve-2021-31350

CVE-2021-31350 (GCVE-0-2021-31350)

Vulnerability from cvelistv5 – Published: 2021-10-19 18:16 – Updated: 2024-09-16 18:49

Summary

An Improper Privilege Management vulnerability in the gRPC framework, used by the Juniper Extension Toolkit (JET) API on Juniper Networks Junos OS and Junos OS Evolved, allows a network-based, low-privileged authenticated attacker to perform operations as root, leading to complete compromise of the targeted system. The issue is caused by the JET service daemon (jsd) process authenticating the user, then passing configuration operations directly to the management daemon (mgd) process, which runs as root. This issue affects Juniper Networks Junos OS: 18.4 versions prior to 18.4R1-S8, 18.4R2-S8, 18.4R3-S8; 19.1 versions prior to 19.1R2-S3, 19.1R3-S5; 19.2 versions prior to 19.2R1-S7, 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S3; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R2-S3, 20.2R3; 20.3 versions prior to 20.3R2-S1, 20.3R3; 20.4 versions prior to 20.4R2. This issue does not affect Juniper Networks Junos OS versions prior to 18.4R1. Juniper Networks Junos OS Evolved: All versions prior to 20.4R2-EVO; 21.1-EVO versions prior to 21.1R2-EVO.

Severity ?

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-269 - Improper Privilege Management

Assigner

juniper

References

URL

Tags

https://kb.juniper.net/JSA11215

x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

Juniper Networks

Junos OS

Unaffected: unspecified , < 18.4R1 (custom)
Affected: 18.4 , < 18.4R1-S8, 18.4R2-S8, 18.4R3-S8 (custom)
Affected: 19.1 , < 19.1R2-S3, 19.1R3-S5 (custom)
Affected: 19.2 , < 19.2R1-S7, 19.2R3-S2 (custom)
Affected: 19.3 , < 19.3R2-S6, 19.3R3-S2 (custom)
Affected: 19.4 , < 19.4R1-S4, 19.4R2-S4, 19.4R3-S3 (custom)
Affected: 20.1 , < 20.1R2-S2, 20.1R3 (custom)
Affected: 20.2 , < 20.2R2-S3, 20.2R3 (custom)
Affected: 20.3 , < 20.3R2-S1, 20.3R3 (custom)
Affected: 20.4 , < 20.4R2 (custom)

Juniper Networks

Junos OS Evolved

Affected: unspecified , < 20.4R2-EVO (custom)
Affected: 21.1-EVO , < 21.1R2-EVO (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T22:55:53.551Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.juniper.net/JSA11215"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Junos OS",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "18.4R1",
              "status": "unaffected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "18.4R1-S8, 18.4R2-S8, 18.4R3-S8",
              "status": "affected",
              "version": "18.4",
              "versionType": "custom"
            },
            {
              "lessThan": "19.1R2-S3, 19.1R3-S5",
              "status": "affected",
              "version": "19.1",
              "versionType": "custom"
            },
            {
              "lessThan": "19.2R1-S7, 19.2R3-S2",
              "status": "affected",
              "version": "19.2",
              "versionType": "custom"
            },
            {
              "lessThan": "19.3R2-S6, 19.3R3-S2",
              "status": "affected",
              "version": "19.3",
              "versionType": "custom"
            },
            {
              "lessThan": "19.4R1-S4, 19.4R2-S4, 19.4R3-S3",
              "status": "affected",
              "version": "19.4",
              "versionType": "custom"
            },
            {
              "lessThan": "20.1R2-S2, 20.1R3",
              "status": "affected",
              "version": "20.1",
              "versionType": "custom"
            },
            {
              "lessThan": "20.2R2-S3, 20.2R3",
              "status": "affected",
              "version": "20.2",
              "versionType": "custom"
            },
            {
              "lessThan": "20.3R2-S1, 20.3R3",
              "status": "affected",
              "version": "20.3",
              "versionType": "custom"
            },
            {
              "lessThan": "20.4R2",
              "status": "affected",
              "version": "20.4",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Junos OS Evolved",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "20.4R2-EVO",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "21.1R2-EVO",
              "status": "affected",
              "version": "21.1-EVO",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "The following is an example of enabling gRPC in Junos:\n\n  set system services extension-service request-response grpc ssl"
        }
      ],
      "datePublic": "2021-10-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An Improper Privilege Management vulnerability in the gRPC framework, used by the Juniper Extension Toolkit (JET) API on Juniper Networks Junos OS and Junos OS Evolved, allows a network-based, low-privileged authenticated attacker to perform operations as root, leading to complete compromise of the targeted system. The issue is caused by the JET service daemon (jsd) process authenticating the user, then passing configuration operations directly to the management daemon (mgd) process, which runs as root. This issue affects Juniper Networks Junos OS: 18.4 versions prior to 18.4R1-S8, 18.4R2-S8, 18.4R3-S8; 19.1 versions prior to 19.1R2-S3, 19.1R3-S5; 19.2 versions prior to 19.2R1-S7, 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S3; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R2-S3, 20.2R3; 20.3 versions prior to 20.3R2-S1, 20.3R3; 20.4 versions prior to 20.4R2. This issue does not affect Juniper Networks Junos OS versions prior to 18.4R1. Juniper Networks Junos OS Evolved: All versions prior to 20.4R2-EVO; 21.1-EVO versions prior to 21.1R2-EVO."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "CWE-269 Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-19T18:16:30",
        "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
        "shortName": "juniper"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.juniper.net/JSA11215"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "The following software releases have been updated to resolve this specific issue: \n\nJunos OS 18.4R1-S8, 18.4R2-S8, 18.4R3-S8, 19.1R2-S3, 19.1R3-S5, 19.2R1-S7, 19.2R3-S2, 19.3R2-S6, 19.3R3-S2, 19.4R1-S4, 19.4R2-S4, 19.4R3-S3, 20.1R2-S2, 20.1R3, 20.2R2-S3, 20.2R3, 20.3R2-S1, 20.3R3, 20.4R2, 21.1R1, and all subsequent releases.\n\nJunos OS Evolved 20.4R2-EVO, 21.1R2-EVO, 21.2R1-EVO, and all subsequent releases."
        }
      ],
      "source": {
        "advisory": "JSA11215",
        "defect": [
          "1578302"
        ],
        "discovery": "INTERNAL"
      },
      "title": "Junos OS and Junos OS Evolved: Privilege escalation vulnerability in Juniper Extension Toolkit (JET)",
      "workarounds": [
        {
          "lang": "en",
          "value": "Use access lists or firewall filters to limit access to the device via gRPC only from trusted hosts and from trusted administrators"
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "sirt@juniper.net",
          "DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
          "ID": "CVE-2021-31350",
          "STATE": "PUBLIC",
          "TITLE": "Junos OS and Junos OS Evolved: Privilege escalation vulnerability in Juniper Extension Toolkit (JET)"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Junos OS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "18.4",
                            "version_value": "18.4R1-S8, 18.4R2-S8, 18.4R3-S8"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "19.1",
                            "version_value": "19.1R2-S3, 19.1R3-S5"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "19.2",
                            "version_value": "19.2R1-S7, 19.2R3-S2"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "19.3",
                            "version_value": "19.3R2-S6, 19.3R3-S2"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "19.4",
                            "version_value": "19.4R1-S4, 19.4R2-S4, 19.4R3-S3"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "20.1",
                            "version_value": "20.1R2-S2, 20.1R3"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "20.2",
                            "version_value": "20.2R2-S3, 20.2R3"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "20.3",
                            "version_value": "20.3R2-S1, 20.3R3"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "20.4",
                            "version_value": "20.4R2"
                          },
                          {
                            "version_affected": "!\u003c",
                            "version_value": "18.4R1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Junos OS Evolved",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_value": "20.4R2-EVO"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "21.1-EVO",
                            "version_value": "21.1R2-EVO"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Juniper Networks"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "The following is an example of enabling gRPC in Junos:\n\n  set system services extension-service request-response grpc ssl"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An Improper Privilege Management vulnerability in the gRPC framework, used by the Juniper Extension Toolkit (JET) API on Juniper Networks Junos OS and Junos OS Evolved, allows a network-based, low-privileged authenticated attacker to perform operations as root, leading to complete compromise of the targeted system. The issue is caused by the JET service daemon (jsd) process authenticating the user, then passing configuration operations directly to the management daemon (mgd) process, which runs as root. This issue affects Juniper Networks Junos OS: 18.4 versions prior to 18.4R1-S8, 18.4R2-S8, 18.4R3-S8; 19.1 versions prior to 19.1R2-S3, 19.1R3-S5; 19.2 versions prior to 19.2R1-S7, 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S3; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R2-S3, 20.2R3; 20.3 versions prior to 20.3R2-S1, 20.3R3; 20.4 versions prior to 20.4R2. This issue does not affect Juniper Networks Junos OS versions prior to 18.4R1. Juniper Networks Junos OS Evolved: All versions prior to 20.4R2-EVO; 21.1-EVO versions prior to 21.1R2-EVO."
            }
          ]
        },
        "exploit": [
          {
            "lang": "en",
            "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
          }
        ],
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-269 Improper Privilege Management"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.juniper.net/JSA11215",
              "refsource": "CONFIRM",
              "url": "https://kb.juniper.net/JSA11215"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "The following software releases have been updated to resolve this specific issue: \n\nJunos OS 18.4R1-S8, 18.4R2-S8, 18.4R3-S8, 19.1R2-S3, 19.1R3-S5, 19.2R1-S7, 19.2R3-S2, 19.3R2-S6, 19.3R3-S2, 19.4R1-S4, 19.4R2-S4, 19.4R3-S3, 20.1R2-S2, 20.1R3, 20.2R2-S3, 20.2R3, 20.3R2-S1, 20.3R3, 20.4R2, 21.1R1, and all subsequent releases.\n\nJunos OS Evolved 20.4R2-EVO, 21.1R2-EVO, 21.2R1-EVO, and all subsequent releases."
          }
        ],
        "source": {
          "advisory": "JSA11215",
          "defect": [
            "1578302"
          ],
          "discovery": "INTERNAL"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "Use access lists or firewall filters to limit access to the device via gRPC only from trusted hosts and from trusted administrators"
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
    "assignerShortName": "juniper",
    "cveId": "CVE-2021-31350",
    "datePublished": "2021-10-19T18:16:30.117409Z",
    "dateReserved": "2021-04-15T00:00:00",
    "dateUpdated": "2024-09-16T18:49:28.144Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"74CA9010-D3DE-487B-B46F-589A48AB0F0A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"A38F224C-8E9B-44F3-9D4F-6C9F04F57927\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"853F146A-9A0F-49B6-AFD2-9907434212F1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:r1-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"8F73B88B-E66C-4ACD-B38D-9365FB230ABA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:r1-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"EE1F82EC-3222-4158-8923-59CDA1909A9C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:r1-s4:*:*:*:*:*:*\", \"matchCriteriaId\": \"8FE95D15-B5E5-4E74-9464-C72D8B646A6B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:r1-s5:*:*:*:*:*:*\", \"matchCriteriaId\": \"C012CD07-706A-4E1C-B399-C55AEF5C8309\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:r1-s6:*:*:*:*:*:*\", \"matchCriteriaId\": \"A0C26E59-874A-4D87-9E7F-E366F4D65ED1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:r1-s7:*:*:*:*:*:*\", \"matchCriteriaId\": \"75902119-60D0-49F8-8E01-666E0F75935A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:r2-s8:*:*:*:*:*:*\", \"matchCriteriaId\": \"924C4EAC-2A52-45A9-BE0F-B62F070C3E3D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:18.4:r3-s8:*:*:*:*:*:*\", \"matchCriteriaId\": \"44C4BE2C-814F-49AA-8B64-17245FC01270\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.1:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"768C0EB7-8456-4BF4-8598-3401A54D21DA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.1:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"5332B70A-F6B0-4C3B-90E2-5CBFB3326126\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.1:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"81439FE8-5405-45C2-BC04-9823D2009A77\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.1:r1-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"E506138D-043E-485D-B485-94A2AB75F8E7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.1:r1-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"0EF3C901-3599-463F-BEFB-8858768DC195\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.1:r1-s4:*:*:*:*:*:*\", \"matchCriteriaId\": \"CD806778-A995-4A9B-9C05-F4D7B1CB1F7D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.1:r1-s5:*:*:*:*:*:*\", \"matchCriteriaId\": \"02B42BE8-1EF2-47F7-9F10-DE486A017EED\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.1:r1-s6:*:*:*:*:*:*\", \"matchCriteriaId\": \"0B372356-D146-420B-95C3-381D0383B595\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.1:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"DCAB79C9-6639-4ED0-BEC9-E7C8229DF977\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.1:r2-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"C8CF858F-84BB-4AEA-B829-FCF22C326160\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.1:r2-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"92292C23-DC38-42F1-97C1-8416BBB60FA9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.1:r3-s5:*:*:*:*:*:*\", \"matchCriteriaId\": \"8120EAC3-DCCB-4429-A372-C0DAA3270A1F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.2:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"0E7545CE-6300-4E81-B5AF-2BE150C1B190\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.2:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"4CA3060F-1800-4A06-A453-FB8CE4B65312\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.2:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"9A5B337A-727C-4767-AD7B-E0F7F99EB46F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.2:r1-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"16FDE60B-7A99-4683-BC14-530B5B005F8B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.2:r1-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"725D8C27-E4F8-4394-B4EC-B49B6D3C2709\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.2:r1-s4:*:*:*:*:*:*\", \"matchCriteriaId\": \"8233C3AB-470E-4D13-9BFD-C9E90918FD0B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.2:r1-s5:*:*:*:*:*:*\", \"matchCriteriaId\": \"5F7A233A-D4F6-46FA-92E9-2ACE13E4A6A4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.2:r1-s6:*:*:*:*:*:*\", \"matchCriteriaId\": \"ADCE4EA8-DDBA-4766-BB81-E4DA29723723\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.2:r3-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"920FE638-BDE6-403D-9083-2BDBF6A3326F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.3:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"59006503-B2CA-4F79-AC13-7C5615A74CE5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.3:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"B8110DA9-54B1-43CF-AACB-76EABE0C9EF6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.3:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"11B5CC5A-1959-4113-BFCF-E4BA63D918C1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.3:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"33F08A33-EF80-4D86-9A9A-9DF147B9B6D3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.3:r2-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"AF24ACBD-5F84-47B2-BFF3-E9A56666269C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.3:r2-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"3935A586-41BD-4FA5-9596-DED6F0864777\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.3:r2-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"B83FB539-BD7C-4BEE-9022-098F73902F38\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.3:r2-s4:*:*:*:*:*:*\", \"matchCriteriaId\": \"7659AC36-A5EA-468A-9793-C1EC914D36F4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.3:r2-s5:*:*:*:*:*:*\", \"matchCriteriaId\": \"E0E018E1-568E-40F2-ADA5-F71509811879\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.3:r3-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"D3FEA876-302D-4F07-94E6-237C669538F2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"DC743EE4-8833-452A-94DB-655BF139F883\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"FE96A8EA-FFE3-4D8F-9266-21899149D634\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r1-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"C12A75C6-2D00-4202-B861-00FF71585FA0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r1-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"70FF3DD4-14CB-435D-8529-0480EB853F60\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r2-s4:*:*:*:*:*:*\", \"matchCriteriaId\": \"760E2418-B945-4467-BDAC-7702DDF4C4EE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:19.4:r3-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"0886EFA6-47E3-4C1D-A278-D3891A487FED\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.1:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"8328FDE6-9707-4142-B905-3B07C0E28E35\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.1:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"41CD982F-E6F2-4951-9F96-A76C142DF08E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.1:r1-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"19FDC05F-5582-4F7E-B628-E58A3C0E7F2F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.1:r1-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"401306D1-E9CE-49C6-8DC9-0E8747B9DC2C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.1:r1-s4:*:*:*:*:*:*\", \"matchCriteriaId\": \"615EAF48-AD53-4CC2-B233-5EA5C0F72CB1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.1:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"DC8E7547-6649-436D-BC45-184417680C72\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.1:r2-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"D9789FF8-D55C-4AF9-A250-E543A0EB826F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.1:r3:*:*:*:*:*:*\", \"matchCriteriaId\": \"C21638A9-6AD8-4347-AA3F-64BC7BD71C0D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.2:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"CD07B7E2-F5C2-4610-9133-FDA9E66DFF4F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.2:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"D3C23AEB-34DE-44FB-8D64-E69D6E8B7401\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.2:r1-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"18DB9401-5A51-4BB3-AC2F-58F58F1C788C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.2:r1-s3:*:*:*:*:*:*\", \"matchCriteriaId\": \"06F53DA5-59AE-403C-9B1E-41CE267D8BB1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.2:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"3332262F-81DA-4D78-99C9-514CADA46611\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.2:r2-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"B46B63A2-1518-4A29-940C-F05624C9658D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.2:r2-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"8E0D4959-3865-42A7-98CD-1103EBD84528\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.2:r3:*:*:*:*:*:*\", \"matchCriteriaId\": \"681AE183-7183-46E7-82EA-28C398FA1C3D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.3:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"5C9BC697-C7C9-447D-9EBD-E9711462583E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.3:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"7B80433B-57B1-49EF-B1A1-83781D6102E3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.3:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"05D8427C-CDDE-4B2F-9CB8-41B9137660E4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.3:r3:*:*:*:*:*:*\", \"matchCriteriaId\": \"7DA0E196-925E-4056-B411-E158702D5D4F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"20DDC6B7-BFC4-4F0B-8E68-442C23765BF2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"037BA01C-3F5C-4503-A633-71765E9EF774\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:18.3:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"7E72627C-4793-4F22-B769-A3FFB77E7DE1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:19.1:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"2C3245C5-9EE1-490C-B7C7-5C02F155DDD8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:19.1:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"01A9BD92-5865-455D-9585-098DCFCC24DD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:19.2:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"914D6984-1820-483B-AEB9-2C5257B5E900\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:19.2:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"14C57D33-01BB-4190-B787-F5BDACE82AFD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:19.3:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"6480A5C9-3280-40C5-BC08-509555F28363\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:19.3:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"2D3C2D74-AF22-4BED-A0C5-089B5507D275\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:19.4:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"83447F3F-79A3-41DF-8FD1-31DCFCBE40A4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:19.4:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"1699821F-FBC6-4EB9-94E5-96AF1E4E4FDE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:20.1:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"F64FBB4B-7CBF-499B-A523-804857DEFAFA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:20.1:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"EEBE159F-5D94-4C18-B922-331586BEA2CA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:20.1:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"A38EBFC9-ECBD-4362-82B2-04C02009E85C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:20.1:r2-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"0DF7C3A8-1279-4F38-9548-85AC7D6290FD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:20.1:r2-s2:*:*:*:*:*:*\", \"matchCriteriaId\": \"50D38F97-81B0-4952-A1E3-0A9AA4D34820\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:20.2:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"FCA8D4D2-D49D-4F91-95E2-2A0E8599338A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:20.2:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"FF37C911-1904-475A-86F7-F92F34A1A88F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:20.2:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"DDFFE53D-202D-4396-A470-0A09F3320375\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:20.3:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"4AFB91E3-CAAC-429F-A869-DDD40FB0F84D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:20.3:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"0A9CA997-2DDA-4808-B2AE-8804FEB798B2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:20.3:r2:*:*:*:*:*:*\", \"matchCriteriaId\": \"423843B3-B2BE-427B-B625-4E3146D26390\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:20.4:r1:*:*:*:*:*:*\", \"matchCriteriaId\": \"C9C8866D-162F-4C9B-8167-2FBA25410368\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:21.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"734DE5D8-198D-41C5-9320-F704FE664591\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_os_evolved:21.1:r1-s1:*:*:*:*:*:*\", \"matchCriteriaId\": \"0099BDA9-9D4B-4D6C-8234-EFD9E8C63476\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"An Improper Privilege Management vulnerability in the gRPC framework, used by the Juniper Extension Toolkit (JET) API on Juniper Networks Junos OS and Junos OS Evolved, allows a network-based, low-privileged authenticated attacker to perform operations as root, leading to complete compromise of the targeted system. The issue is caused by the JET service daemon (jsd) process authenticating the user, then passing configuration operations directly to the management daemon (mgd) process, which runs as root. This issue affects Juniper Networks Junos OS: 18.4 versions prior to 18.4R1-S8, 18.4R2-S8, 18.4R3-S8; 19.1 versions prior to 19.1R2-S3, 19.1R3-S5; 19.2 versions prior to 19.2R1-S7, 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S3; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R2-S3, 20.2R3; 20.3 versions prior to 20.3R2-S1, 20.3R3; 20.4 versions prior to 20.4R2. This issue does not affect Juniper Networks Junos OS versions prior to 18.4R1. Juniper Networks Junos OS Evolved: All versions prior to 20.4R2-EVO; 21.1-EVO versions prior to 21.1R2-EVO.\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad de administraci\\u00f3n de privilegios inapropiada en el marco gRPC, usado por la API de Juniper Extension Toolkit (JET) en Juniper Networks Junos OS y Junos OS Evolved, permite a un atacante autenticado poco privilegiado basado en la red llevar a cabo operaciones como root, conllevando a un compromiso completo del sistema objetivo. El problema est\\u00e1 causado por el proceso del demonio de servicio JET (jsd) autenticando al usuario y luego pasa las operaciones de configuraci\\u00f3n directamente al proceso del demonio de administraci\\u00f3n (mgd), que se ejecuta como root. Este problema afecta a Juniper Networks Junos OS versiones: versiones 18.4 anteriores a 18.4R1-S8, 18.4R2-S8, 18.4R3-S8; versiones 19.1 anteriores a 19.1R2-S3, 19.1R3-S5; versiones 19.2 anteriores a 19.2R1-S7, 19.2R3-S2; versiones 19.3 anteriores a 19.3R2-S6, 19.3R3-S2; 19. 4 versiones anteriores a 19.4R1-S4, 19.4R2-S4, 19.4R3-S3; versiones 20.1 anteriores a 20.1R2-S2, 20.1R3; versiones 20.2 anteriores a 20.2R2-S3, 20.2R3; versiones 20.3 anteriores a 20.3R2-S1, 20.3R3; versiones 20.4 anteriores a 20.4R2. Este problema no afecta a las versiones de Juniper Networks Junos OS anteriores a 18.4R1. Juniper Networks Junos OS Evolved: Todas las versiones anteriores a 20.4R2-EVO; versiones 21.1-EVO anteriores a 21.1R2-EVO\"}]",
      "id": "CVE-2021-31350",
      "lastModified": "2024-11-21T06:05:28.517",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"sirt@juniper.net\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.6, \"impactScore\": 5.9}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:S/C:C/I:C/A:C\", \"baseScore\": 9.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.0, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2021-10-19T19:15:08.537",
      "references": "[{\"url\": \"https://kb.juniper.net/JSA11215\", \"source\": \"sirt@juniper.net\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://kb.juniper.net/JSA11215\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "sirt@juniper.net",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"sirt@juniper.net\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-269\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-269\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-31350\",\"sourceIdentifier\":\"sirt@juniper.net\",\"published\":\"2021-10-19T19:15:08.537\",\"lastModified\":\"2024-11-21T06:05:28.517\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An Improper Privilege Management vulnerability in the gRPC framework, used by the Juniper Extension Toolkit (JET) API on Juniper Networks Junos OS and Junos OS Evolved, allows a network-based, low-privileged authenticated attacker to perform operations as root, leading to complete compromise of the targeted system. The issue is caused by the JET service daemon (jsd) process authenticating the user, then passing configuration operations directly to the management daemon (mgd) process, which runs as root. This issue affects Juniper Networks Junos OS: 18.4 versions prior to 18.4R1-S8, 18.4R2-S8, 18.4R3-S8; 19.1 versions prior to 19.1R2-S3, 19.1R3-S5; 19.2 versions prior to 19.2R1-S7, 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S3; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R2-S3, 20.2R3; 20.3 versions prior to 20.3R2-S1, 20.3R3; 20.4 versions prior to 20.4R2. This issue does not affect Juniper Networks Junos OS versions prior to 18.4R1. Juniper Networks Junos OS Evolved: All versions prior to 20.4R2-EVO; 21.1-EVO versions prior to 21.1R2-EVO.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de administraci\u00f3n de privilegios inapropiada en el marco gRPC, usado por la API de Juniper Extension Toolkit (JET) en Juniper Networks Junos OS y Junos OS Evolved, permite a un atacante autenticado poco privilegiado basado en la red llevar a cabo operaciones como root, conllevando a un compromiso completo del sistema objetivo. El problema est\u00e1 causado por el proceso del demonio de servicio JET (jsd) autenticando al usuario y luego pasa las operaciones de configuraci\u00f3n directamente al proceso del demonio de administraci\u00f3n (mgd), que se ejecuta como root. Este problema afecta a Juniper Networks Junos OS versiones: versiones 18.4 anteriores a 18.4R1-S8, 18.4R2-S8, 18.4R3-S8; versiones 19.1 anteriores a 19.1R2-S3, 19.1R3-S5; versiones 19.2 anteriores a 19.2R1-S7, 19.2R3-S2; versiones 19.3 anteriores a 19.3R2-S6, 19.3R3-S2; 19. 4 versiones anteriores a 19.4R1-S4, 19.4R2-S4, 19.4R3-S3; versiones 20.1 anteriores a 20.1R2-S2, 20.1R3; versiones 20.2 anteriores a 20.2R2-S3, 20.2R3; versiones 20.3 anteriores a 20.3R2-S1, 20.3R3; versiones 20.4 anteriores a 20.4R2. Este problema no afecta a las versiones de Juniper Networks Junos OS anteriores a 18.4R1. Juniper Networks Junos OS Evolved: Todas las versiones anteriores a 20.4R2-EVO; versiones 21.1-EVO anteriores a 21.1R2-EVO\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.6,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:C/I:C/A:C\",\"baseScore\":9.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"sirt@juniper.net\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-269\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-269\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"74CA9010-D3DE-487B-B46F-589A48AB0F0A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"A38F224C-8E9B-44F3-9D4F-6C9F04F57927\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"853F146A-9A0F-49B6-AFD2-9907434212F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F73B88B-E66C-4ACD-B38D-9365FB230ABA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r1-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE1F82EC-3222-4158-8923-59CDA1909A9C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r1-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"8FE95D15-B5E5-4E74-9464-C72D8B646A6B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r1-s5:*:*:*:*:*:*\",\"matchCriteriaId\":\"C012CD07-706A-4E1C-B399-C55AEF5C8309\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r1-s6:*:*:*:*:*:*\",\"matchCriteriaId\":\"A0C26E59-874A-4D87-9E7F-E366F4D65ED1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r1-s7:*:*:*:*:*:*\",\"matchCriteriaId\":\"75902119-60D0-49F8-8E01-666E0F75935A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r2-s8:*:*:*:*:*:*\",\"matchCriteriaId\":\"924C4EAC-2A52-45A9-BE0F-B62F070C3E3D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:18.4:r3-s8:*:*:*:*:*:*\",\"matchCriteriaId\":\"44C4BE2C-814F-49AA-8B64-17245FC01270\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"768C0EB7-8456-4BF4-8598-3401A54D21DA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.1:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"5332B70A-F6B0-4C3B-90E2-5CBFB3326126\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.1:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"81439FE8-5405-45C2-BC04-9823D2009A77\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.1:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"E506138D-043E-485D-B485-94A2AB75F8E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.1:r1-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"0EF3C901-3599-463F-BEFB-8858768DC195\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.1:r1-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD806778-A995-4A9B-9C05-F4D7B1CB1F7D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.1:r1-s5:*:*:*:*:*:*\",\"matchCriteriaId\":\"02B42BE8-1EF2-47F7-9F10-DE486A017EED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.1:r1-s6:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B372356-D146-420B-95C3-381D0383B595\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.1:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"DCAB79C9-6639-4ED0-BEC9-E7C8229DF977\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.1:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"C8CF858F-84BB-4AEA-B829-FCF22C326160\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.1:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"92292C23-DC38-42F1-97C1-8416BBB60FA9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.1:r3-s5:*:*:*:*:*:*\",\"matchCriteriaId\":\"8120EAC3-DCCB-4429-A372-C0DAA3270A1F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.2:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E7545CE-6300-4E81-B5AF-2BE150C1B190\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CA3060F-1800-4A06-A453-FB8CE4B65312\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.2:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A5B337A-727C-4767-AD7B-E0F7F99EB46F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.2:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"16FDE60B-7A99-4683-BC14-530B5B005F8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.2:r1-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"725D8C27-E4F8-4394-B4EC-B49B6D3C2709\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.2:r1-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"8233C3AB-470E-4D13-9BFD-C9E90918FD0B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.2:r1-s5:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F7A233A-D4F6-46FA-92E9-2ACE13E4A6A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.2:r1-s6:*:*:*:*:*:*\",\"matchCriteriaId\":\"ADCE4EA8-DDBA-4766-BB81-E4DA29723723\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.2:r3-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"920FE638-BDE6-403D-9083-2BDBF6A3326F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.3:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"59006503-B2CA-4F79-AC13-7C5615A74CE5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.3:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8110DA9-54B1-43CF-AACB-76EABE0C9EF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.3:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"11B5CC5A-1959-4113-BFCF-E4BA63D918C1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.3:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"33F08A33-EF80-4D86-9A9A-9DF147B9B6D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.3:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF24ACBD-5F84-47B2-BFF3-E9A56666269C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.3:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"3935A586-41BD-4FA5-9596-DED6F0864777\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.3:r2-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"B83FB539-BD7C-4BEE-9022-098F73902F38\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.3:r2-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"7659AC36-A5EA-468A-9793-C1EC914D36F4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.3:r2-s5:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0E018E1-568E-40F2-ADA5-F71509811879\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.3:r3-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3FEA876-302D-4F07-94E6-237C669538F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC743EE4-8833-452A-94DB-655BF139F883\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE96A8EA-FFE3-4D8F-9266-21899149D634\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"C12A75C6-2D00-4202-B861-00FF71585FA0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r1-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"70FF3DD4-14CB-435D-8529-0480EB853F60\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r2-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"760E2418-B945-4467-BDAC-7702DDF4C4EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:19.4:r3-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"0886EFA6-47E3-4C1D-A278-D3891A487FED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.1:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"8328FDE6-9707-4142-B905-3B07C0E28E35\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.1:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"41CD982F-E6F2-4951-9F96-A76C142DF08E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.1:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"19FDC05F-5582-4F7E-B628-E58A3C0E7F2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.1:r1-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"401306D1-E9CE-49C6-8DC9-0E8747B9DC2C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.1:r1-s4:*:*:*:*:*:*\",\"matchCriteriaId\":\"615EAF48-AD53-4CC2-B233-5EA5C0F72CB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.1:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC8E7547-6649-436D-BC45-184417680C72\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.1:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9789FF8-D55C-4AF9-A250-E543A0EB826F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.1:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"C21638A9-6AD8-4347-AA3F-64BC7BD71C0D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD07B7E2-F5C2-4610-9133-FDA9E66DFF4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.2:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3C23AEB-34DE-44FB-8D64-E69D6E8B7401\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.2:r1-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"18DB9401-5A51-4BB3-AC2F-58F58F1C788C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.2:r1-s3:*:*:*:*:*:*\",\"matchCriteriaId\":\"06F53DA5-59AE-403C-9B1E-41CE267D8BB1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.2:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"3332262F-81DA-4D78-99C9-514CADA46611\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.2:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B46B63A2-1518-4A29-940C-F05624C9658D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.2:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E0D4959-3865-42A7-98CD-1103EBD84528\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.2:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"681AE183-7183-46E7-82EA-28C398FA1C3D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.3:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C9BC697-C7C9-447D-9EBD-E9711462583E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.3:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B80433B-57B1-49EF-B1A1-83781D6102E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.3:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"05D8427C-CDDE-4B2F-9CB8-41B9137660E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.3:r3:*:*:*:*:*:*\",\"matchCriteriaId\":\"7DA0E196-925E-4056-B411-E158702D5D4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"20DDC6B7-BFC4-4F0B-8E68-442C23765BF2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"037BA01C-3F5C-4503-A633-71765E9EF774\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:18.3:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E72627C-4793-4F22-B769-A3FFB77E7DE1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:19.1:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C3245C5-9EE1-490C-B7C7-5C02F155DDD8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:19.1:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"01A9BD92-5865-455D-9585-098DCFCC24DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:19.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"914D6984-1820-483B-AEB9-2C5257B5E900\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:19.2:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"14C57D33-01BB-4190-B787-F5BDACE82AFD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:19.3:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"6480A5C9-3280-40C5-BC08-509555F28363\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:19.3:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D3C2D74-AF22-4BED-A0C5-089B5507D275\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:19.4:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"83447F3F-79A3-41DF-8FD1-31DCFCBE40A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:19.4:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"1699821F-FBC6-4EB9-94E5-96AF1E4E4FDE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:20.1:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"F64FBB4B-7CBF-499B-A523-804857DEFAFA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:20.1:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"EEBE159F-5D94-4C18-B922-331586BEA2CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:20.1:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"A38EBFC9-ECBD-4362-82B2-04C02009E85C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:20.1:r2-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DF7C3A8-1279-4F38-9548-85AC7D6290FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:20.1:r2-s2:*:*:*:*:*:*\",\"matchCriteriaId\":\"50D38F97-81B0-4952-A1E3-0A9AA4D34820\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:20.2:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"FCA8D4D2-D49D-4F91-95E2-2A0E8599338A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:20.2:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"FF37C911-1904-475A-86F7-F92F34A1A88F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:20.2:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"DDFFE53D-202D-4396-A470-0A09F3320375\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:20.3:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"4AFB91E3-CAAC-429F-A869-DDD40FB0F84D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:20.3:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"0A9CA997-2DDA-4808-B2AE-8804FEB798B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:20.3:r2:*:*:*:*:*:*\",\"matchCriteriaId\":\"423843B3-B2BE-427B-B625-4E3146D26390\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:20.4:r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9C8866D-162F-4C9B-8167-2FBA25410368\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:21.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"734DE5D8-198D-41C5-9320-F704FE664591\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_os_evolved:21.1:r1-s1:*:*:*:*:*:*\",\"matchCriteriaId\":\"0099BDA9-9D4B-4D6C-8234-EFD9E8C63476\"}]}]}],\"references\":[{\"url\":\"https://kb.juniper.net/JSA11215\",\"source\":\"sirt@juniper.net\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://kb.juniper.net/JSA11215\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}"
  }
}

GSD-2021-31350

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2021-31350

Aliases

CVE-2021-31350

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2021-31350",
    "description": "An Improper Privilege Management vulnerability in the gRPC framework, used by the Juniper Extension Toolkit (JET) API on Juniper Networks Junos OS and Junos OS Evolved, allows a network-based, low-privileged authenticated attacker to perform operations as root, leading to complete compromise of the targeted system. The issue is caused by the JET service daemon (jsd) process authenticating the user, then passing configuration operations directly to the management daemon (mgd) process, which runs as root. This issue affects Juniper Networks Junos OS: 18.4 versions prior to 18.4R1-S8, 18.4R2-S8, 18.4R3-S8; 19.1 versions prior to 19.1R2-S3, 19.1R3-S5; 19.2 versions prior to 19.2R1-S7, 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S3; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R2-S3, 20.2R3; 20.3 versions prior to 20.3R2-S1, 20.3R3; 20.4 versions prior to 20.4R2. This issue does not affect Juniper Networks Junos OS versions prior to 18.4R1. Juniper Networks Junos OS Evolved: All versions prior to 20.4R2-EVO; 21.1-EVO versions prior to 21.1R2-EVO.",
    "id": "GSD-2021-31350"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-31350"
      ],
      "details": "An Improper Privilege Management vulnerability in the gRPC framework, used by the Juniper Extension Toolkit (JET) API on Juniper Networks Junos OS and Junos OS Evolved, allows a network-based, low-privileged authenticated attacker to perform operations as root, leading to complete compromise of the targeted system. The issue is caused by the JET service daemon (jsd) process authenticating the user, then passing configuration operations directly to the management daemon (mgd) process, which runs as root. This issue affects Juniper Networks Junos OS: 18.4 versions prior to 18.4R1-S8, 18.4R2-S8, 18.4R3-S8; 19.1 versions prior to 19.1R2-S3, 19.1R3-S5; 19.2 versions prior to 19.2R1-S7, 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S3; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R2-S3, 20.2R3; 20.3 versions prior to 20.3R2-S1, 20.3R3; 20.4 versions prior to 20.4R2. This issue does not affect Juniper Networks Junos OS versions prior to 18.4R1. Juniper Networks Junos OS Evolved: All versions prior to 20.4R2-EVO; 21.1-EVO versions prior to 21.1R2-EVO.",
      "id": "GSD-2021-31350",
      "modified": "2023-12-13T01:23:12.840676Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "sirt@juniper.net",
        "DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
        "ID": "CVE-2021-31350",
        "STATE": "PUBLIC",
        "TITLE": "Junos OS and Junos OS Evolved: Privilege escalation vulnerability in Juniper Extension Toolkit (JET)"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Junos OS",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_name": "18.4",
                          "version_value": "18.4R1-S8, 18.4R2-S8, 18.4R3-S8"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "19.1",
                          "version_value": "19.1R2-S3, 19.1R3-S5"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "19.2",
                          "version_value": "19.2R1-S7, 19.2R3-S2"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "19.3",
                          "version_value": "19.3R2-S6, 19.3R3-S2"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "19.4",
                          "version_value": "19.4R1-S4, 19.4R2-S4, 19.4R3-S3"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "20.1",
                          "version_value": "20.1R2-S2, 20.1R3"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "20.2",
                          "version_value": "20.2R2-S3, 20.2R3"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "20.3",
                          "version_value": "20.3R2-S1, 20.3R3"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "20.4",
                          "version_value": "20.4R2"
                        },
                        {
                          "version_affected": "!\u003c",
                          "version_value": "18.4R1"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Junos OS Evolved",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_value": "20.4R2-EVO"
                        },
                        {
                          "version_affected": "\u003c",
                          "version_name": "21.1-EVO",
                          "version_value": "21.1R2-EVO"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Juniper Networks"
            }
          ]
        }
      },
      "configuration": [
        {
          "lang": "eng",
          "value": "The following is an example of enabling gRPC in Junos:\n\n  set system services extension-service request-response grpc ssl\n"
        }
      ],
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "An Improper Privilege Management vulnerability in the gRPC framework, used by the Juniper Extension Toolkit (JET) API on Juniper Networks Junos OS and Junos OS Evolved, allows a network-based, low-privileged authenticated attacker to perform operations as root, leading to complete compromise of the targeted system. The issue is caused by the JET service daemon (jsd) process authenticating the user, then passing configuration operations directly to the management daemon (mgd) process, which runs as root. This issue affects Juniper Networks Junos OS: 18.4 versions prior to 18.4R1-S8, 18.4R2-S8, 18.4R3-S8; 19.1 versions prior to 19.1R2-S3, 19.1R3-S5; 19.2 versions prior to 19.2R1-S7, 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S3; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R2-S3, 20.2R3; 20.3 versions prior to 20.3R2-S1, 20.3R3; 20.4 versions prior to 20.4R2. This issue does not affect Juniper Networks Junos OS versions prior to 18.4R1. Juniper Networks Junos OS Evolved: All versions prior to 20.4R2-EVO; 21.1-EVO versions prior to 21.1R2-EVO."
          }
        ]
      },
      "exploit": [
        {
          "lang": "eng",
          "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."
        }
      ],
      "generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "impact": {
        "cvss": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-269 Improper Privilege Management"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://kb.juniper.net/JSA11215",
            "refsource": "CONFIRM",
            "url": "https://kb.juniper.net/JSA11215"
          }
        ]
      },
      "solution": [
        {
          "lang": "eng",
          "value": "The following software releases have been updated to resolve this specific issue: \n\nJunos OS 18.4R1-S8, 18.4R2-S8, 18.4R3-S8, 19.1R2-S3, 19.1R3-S5, 19.2R1-S7, 19.2R3-S2, 19.3R2-S6, 19.3R3-S2, 19.4R1-S4, 19.4R2-S4, 19.4R3-S3, 20.1R2-S2, 20.1R3, 20.2R2-S3, 20.2R3, 20.3R2-S1, 20.3R3, 20.4R2, 21.1R1, and all subsequent releases.\n\nJunos OS Evolved 20.4R2-EVO, 21.1R2-EVO, 21.2R1-EVO, and all subsequent releases.\n"
        }
      ],
      "source": {
        "advisory": "JSA11215",
        "defect": [
          "1578302"
        ],
        "discovery": "INTERNAL"
      },
      "work_around": [
        {
          "lang": "eng",
          "value": "Use access lists or firewall filters to limit access to the device via gRPC only from trusted hosts and from trusted administrators\n"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r1-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r1-s2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r1-s3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r1-s4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r1-s5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r1-s6:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r1-s7:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r2-s8:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r3-s8:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:r1-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:r1-s2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:r1-s3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:r1-s4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:r1-s5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:r1-s6:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:r2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:r2-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:r2-s2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:r3-s5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.2:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.2:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.2:r1-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.2:r1-s2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.2:r1-s3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.2:r1-s4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.2:r1-s5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.2:r1-s6:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.2:r3-s2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r1-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r2-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r2-s2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r2-s3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r2-s4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r2-s5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r3-s2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r1-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r1-s2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r1-s3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r2-s4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r3-s3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.1:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.1:r1-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.1:r1-s2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.1:r1-s3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.1:r1-s4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.1:r2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.1:r2-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.1:r3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r1-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r1-s2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r1-s3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r2-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r2-s2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.3:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.3:r1-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.3:r2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.3:r3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:18.3:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:19.1:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:19.1:r2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:19.2:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:19.2:r2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:19.3:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:19.3:r2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:19.4:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:19.4:r1-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:20.1:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:20.1:r1-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:20.1:r2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:20.1:r2-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:20.1:r2-s2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:20.2:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:20.2:r1-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:20.2:r2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:20.3:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:20.3:r1-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:20.3:r2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:20.4:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:21.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:21.1:r1-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "sirt@juniper.net",
          "ID": "CVE-2021-31350"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "An Improper Privilege Management vulnerability in the gRPC framework, used by the Juniper Extension Toolkit (JET) API on Juniper Networks Junos OS and Junos OS Evolved, allows a network-based, low-privileged authenticated attacker to perform operations as root, leading to complete compromise of the targeted system. The issue is caused by the JET service daemon (jsd) process authenticating the user, then passing configuration operations directly to the management daemon (mgd) process, which runs as root. This issue affects Juniper Networks Junos OS: 18.4 versions prior to 18.4R1-S8, 18.4R2-S8, 18.4R3-S8; 19.1 versions prior to 19.1R2-S3, 19.1R3-S5; 19.2 versions prior to 19.2R1-S7, 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S3; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R2-S3, 20.2R3; 20.3 versions prior to 20.3R2-S1, 20.3R3; 20.4 versions prior to 20.4R2. This issue does not affect Juniper Networks Junos OS versions prior to 18.4R1. Juniper Networks Junos OS Evolved: All versions prior to 20.4R2-EVO; 21.1-EVO versions prior to 21.1R2-EVO."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-269"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.juniper.net/JSA11215",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "https://kb.juniper.net/JSA11215"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2021-10-25T12:58Z",
      "publishedDate": "2021-10-19T19:15Z"
    }
  }
}

CERTFR-2021-AVI-789

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Juniper Networks	N/A	Juniper Networks CTPView versions 9.1 antérieures à 9.1R3
Juniper Networks	N/A	Juniper Networks SRC Series versions antérieures à 4.13.0-R6
Juniper Networks	N/A	Juniper Networks CTPView versions 7.3 antérieures à 7.3R7
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on PTX Series versions 19.4 antérieures à 19.4R1-S4, 19.4R3-S5
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on QFX Series versions 19.4 antérieures à 19.4R2-S3, 19.4R3-S1
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on QFX Series versions 17.4 antérieures à 17.4R2-S13, 17.4R3-S4
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on MX Series versions antérieures à 19.2R3-S2
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on MX Series versions antérieures à 19.4R3-S3
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS versions 18.4 antérieures à 18.4R3-S9
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on QFX Series versions 19.1 antérieures à 19.1R1-S6, 19.1R2-S2, 19.1R3-S4
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS versions 19.1 antérieures à 19.1R3-S7
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS versions 12.3X48 antérieures à 12.3X48-D105
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS versions 17.4 antérieures à 17.4R3-S5
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on PTX Series versions 20.3 antérieures à 20.3R2-S1, 20.3R3
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on MX Series versions antérieures à 21.1R2
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on PTX Series versions 19.2 antérieures à 19.2R1-S7, 19.2R3-S3
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS versions 15.1 antérieures à 15.1R7-S10
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on PTX Series versions antérieures à 18.4R3-S9
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on PTX Series versions 20.1 antérieures à 20.1R2-S2, 20.1R3
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on PTX Series versions 19.1 antérieures à 19.1R3-S6
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on MX Series versions antérieures à 19.3R3-S3
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on MX Series versions antérieures à 18.4R3-S8
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on QFX Series versions 18.3 antérieures à 18.3R3-S4
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on QFX Series versions 20.3 antérieures à 20.3R1-S1, 20.3R2
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on MX Series versions antérieures à 19.2R1-S7
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on MX Series versions antérieures à 21.1R1-S1
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on MX Series versions antérieures à 17.4R3-S5
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on QFX Series versions 18.1 antérieures à 18.1R3-S12
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on MX Series versions antérieures à 18.1R3-S13
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on MX Series versions antérieures à 18.3R3-S5
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on QFX Series versions 18.2 antérieures à 18.2R2-S8, 18.2R3-S7
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS versions 19.4 antérieures à 19.4R3-S6
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on MX Series versions antérieures à 20.3R3
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on PTX Series versions 20.4 antérieures à 20.4R2-S1, 20.4R3
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS versions 20.2 antérieures à 20.2R3-S2
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on MX Series versions antérieures à 17.3R3-S12
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on QFX Series versions 19.3 antérieures à 19.3R3-S1
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on MX Series versions antérieures à 19.1R3-S6
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS versions 20.3 antérieures à 20.3R3
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on MX Series versions antérieures à 21.2R1
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on QFX Series versions 18.4 antérieures à 18.4R1-S8, 18.4R2-S7, 18.4R3-S7
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on QFX Series versions 19.2 antérieures à 19.2R1-S6, 19.2R3-S2
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on PTX Series versions 20.2 antérieures à 20.2R3-S1
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS versions 15.1X49 antérieures à 15.1X49-D220
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS versions 21.1 antérieures à 21.1R2
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS versions 20.4 antérieures à 20.4R3
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS versions 19.3 antérieures à 19.3R3-S4
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on MX Series versions antérieures à 19.3R2-S6
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on MX Series versions antérieures à 20.1R2-S2
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on QFX Series versions 20.1 antérieures à 20.1R2, 20.1R3
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on QFX Series versions 20.2 antérieures à 20.2R2, 20.2R3
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on QFX Series versions antérieures à 17.3R3-S11
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on MX Series versions antérieures à 20.4R3
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on PTX Series versions 19.3 antérieures à 19.3R2-S6, 19.3R3-S3
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on MX Series versions antérieures à 20.2R3-S1
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on MX Series versions antérieures à 20.1R3
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS versions antérieures à 18.2R3-S8
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS versions 19.2 antérieures à 19.2R3-S3
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on PTX Series versions 21.1 antérieures à 21.1R1-S1, 21.1R2
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS versions 20.1 antérieures à 20.1R3-S1
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS versions 18.3 antérieures à 18.3R3-S5
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on MX Series versions antérieures à 20.4R2-S1
Juniper Networks	Networks Junos OS Evolved	Juniper Networks Junos OS Evolved versions 21.2-EVO antérieures à 21.2R2-EVO
Juniper Networks	Networks Junos OS Evolved	Juniper Networks Junos OS Evolved versions antérieures à 20.1R2-EVO sur PTX10003 et PTX10008 platforms
Juniper Networks	Networks Junos OS Evolved	Juniper Networks Junos OS Evolved toutes versions 21.1-EVO et 21.2-EVO
Juniper Networks	Networks Junos OS Evolved	Juniper Networks Junos OS Evolved versions antérieures à 21.2R2-EVO
Juniper Networks	Networks Junos OS Evolved	Juniper Networks Junos OS Evolved versions 21.1 antérieures à 21.1R2-EVO
Juniper Networks	Networks Junos OS Evolved	Juniper Networks Junos OS Evolved versions 20.4 antérieures à 20.4R2-EVO
Juniper Networks	Networks Junos OS Evolved	Juniper Networks Junos OS Evolved versions 20.3 antérieures à 20.3R1-S2-EVO
Juniper Networks	Networks Junos OS Evolved	Juniper Networks Junos OS Evolved versions 21.1-EVO antérieures à 21.1R2-EVO
Juniper Networks	Networks Junos OS Evolved	Juniper Networks Junos OS Evolved versions antérieures à 20.4R3-S1-EVO

References

Title

Publication Time

Tags

Bulletin de sécurité Juniper JSA11224 du 14 octobre 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11221 du 14 octobre 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11218 du 14 octobre 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11213 du 14 octobre 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11210 du 14 octobre 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11212 du 14 octobre 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11223 du 14 octobre 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11225 du 14 octobre 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11219 du 14 octobre 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11222 du 14 octobre 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11215 du 14 octobre 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11220 du 14 octobre 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11211 du 14 octobre 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11217 du 14 octobre 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11216 du 14 octobre 2021	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Juniper Networks CTPView versions 9.1 ant\u00e9rieures \u00e0 9.1R3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks SRC Series versions ant\u00e9rieures \u00e0 4.13.0-R6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks CTPView versions 7.3 ant\u00e9rieures \u00e0 7.3R7",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on PTX Series versions 19.4 ant\u00e9rieures \u00e0 19.4R1-S4, 19.4R3-S5",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on QFX Series versions 19.4 ant\u00e9rieures \u00e0 19.4R2-S3, 19.4R3-S1",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on QFX Series versions 17.4 ant\u00e9rieures \u00e0 17.4R2-S13, 17.4R3-S4",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on MX Series versions ant\u00e9rieures \u00e0 19.2R3-S2",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on MX Series versions ant\u00e9rieures \u00e0 19.4R3-S3",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS versions 18.4 ant\u00e9rieures \u00e0 18.4R3-S9",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on QFX Series versions 19.1 ant\u00e9rieures \u00e0 19.1R1-S6, 19.1R2-S2, 19.1R3-S4",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS versions 19.1 ant\u00e9rieures \u00e0 19.1R3-S7",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS versions 12.3X48 ant\u00e9rieures \u00e0 12.3X48-D105",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS versions 17.4 ant\u00e9rieures \u00e0 17.4R3-S5",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on PTX Series versions 20.3 ant\u00e9rieures \u00e0 20.3R2-S1, 20.3R3",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on MX Series versions ant\u00e9rieures \u00e0 21.1R2",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on PTX Series versions 19.2 ant\u00e9rieures \u00e0 19.2R1-S7, 19.2R3-S3",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS versions 15.1 ant\u00e9rieures \u00e0 15.1R7-S10",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on PTX Series versions ant\u00e9rieures \u00e0 18.4R3-S9",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on PTX Series versions 20.1 ant\u00e9rieures \u00e0 20.1R2-S2, 20.1R3",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on PTX Series versions 19.1 ant\u00e9rieures \u00e0 19.1R3-S6",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on MX Series versions ant\u00e9rieures \u00e0 19.3R3-S3",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on MX Series versions ant\u00e9rieures \u00e0 18.4R3-S8",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on QFX Series versions 18.3 ant\u00e9rieures \u00e0 18.3R3-S4",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on QFX Series versions 20.3 ant\u00e9rieures \u00e0 20.3R1-S1, 20.3R2",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on MX Series versions ant\u00e9rieures \u00e0 19.2R1-S7",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on MX Series versions ant\u00e9rieures \u00e0 21.1R1-S1",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on MX Series versions ant\u00e9rieures \u00e0 17.4R3-S5",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on QFX Series versions 18.1 ant\u00e9rieures \u00e0 18.1R3-S12",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on MX Series versions ant\u00e9rieures \u00e0 18.1R3-S13",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on MX Series versions ant\u00e9rieures \u00e0 18.3R3-S5",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on QFX Series versions 18.2 ant\u00e9rieures \u00e0 18.2R2-S8, 18.2R3-S7",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS versions 19.4 ant\u00e9rieures \u00e0 19.4R3-S6",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on MX Series versions ant\u00e9rieures \u00e0 20.3R3",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on PTX Series versions 20.4 ant\u00e9rieures \u00e0 20.4R2-S1, 20.4R3",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS versions 20.2 ant\u00e9rieures \u00e0 20.2R3-S2",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on MX Series versions ant\u00e9rieures \u00e0 17.3R3-S12",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on QFX Series versions 19.3 ant\u00e9rieures \u00e0 19.3R3-S1",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on MX Series versions ant\u00e9rieures \u00e0 19.1R3-S6",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS versions 20.3 ant\u00e9rieures \u00e0 20.3R3",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on MX Series versions ant\u00e9rieures \u00e0 21.2R1",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on QFX Series versions 18.4 ant\u00e9rieures \u00e0 18.4R1-S8, 18.4R2-S7, 18.4R3-S7",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on QFX Series versions 19.2 ant\u00e9rieures \u00e0 19.2R1-S6, 19.2R3-S2",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on PTX Series versions 20.2 ant\u00e9rieures \u00e0 20.2R3-S1",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D220",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS versions 21.1 ant\u00e9rieures \u00e0 21.1R2",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS versions 20.4 ant\u00e9rieures \u00e0 20.4R3",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS versions 19.3 ant\u00e9rieures \u00e0 19.3R3-S4",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on MX Series versions ant\u00e9rieures \u00e0 19.3R2-S6",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on MX Series versions ant\u00e9rieures \u00e0 20.1R2-S2",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on QFX Series versions 20.1 ant\u00e9rieures \u00e0 20.1R2, 20.1R3",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on QFX Series versions 20.2 ant\u00e9rieures \u00e0 20.2R2, 20.2R3",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on QFX Series versions ant\u00e9rieures \u00e0 17.3R3-S11",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on MX Series versions ant\u00e9rieures \u00e0 20.4R3",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on PTX Series versions 19.3 ant\u00e9rieures \u00e0 19.3R2-S6, 19.3R3-S3",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on MX Series versions ant\u00e9rieures \u00e0 20.2R3-S1",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on MX Series versions ant\u00e9rieures \u00e0 20.1R3",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS versions ant\u00e9rieures \u00e0 18.2R3-S8",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS versions 19.2 ant\u00e9rieures \u00e0 19.2R3-S3",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on PTX Series versions 21.1 ant\u00e9rieures \u00e0 21.1R1-S1, 21.1R2",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS versions 20.1 ant\u00e9rieures \u00e0 20.1R3-S1",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS versions 18.3 ant\u00e9rieures \u00e0 18.3R3-S5",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on MX Series versions ant\u00e9rieures \u00e0 20.4R2-S1",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS Evolved versions 21.2-EVO ant\u00e9rieures \u00e0 21.2R2-EVO",
      "product": {
        "name": "Networks Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS Evolved versions ant\u00e9rieures \u00e0 20.1R2-EVO sur PTX10003 et PTX10008 platforms",
      "product": {
        "name": "Networks Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS Evolved toutes versions 21.1-EVO et 21.2-EVO",
      "product": {
        "name": "Networks Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS Evolved versions ant\u00e9rieures \u00e0 21.2R2-EVO",
      "product": {
        "name": "Networks Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS Evolved versions 21.1 ant\u00e9rieures \u00e0 21.1R2-EVO",
      "product": {
        "name": "Networks Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS Evolved versions 20.4 ant\u00e9rieures \u00e0 20.4R2-EVO",
      "product": {
        "name": "Networks Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS Evolved versions 20.3 ant\u00e9rieures \u00e0 20.3R1-S2-EVO",
      "product": {
        "name": "Networks Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS Evolved versions 21.1-EVO ant\u00e9rieures \u00e0 21.1R2-EVO",
      "product": {
        "name": "Networks Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS Evolved versions ant\u00e9rieures \u00e0 20.4R3-S1-EVO",
      "product": {
        "name": "Networks Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-0296",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0296"
    },
    {
      "name": "CVE-2021-31356",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31356"
    },
    {
      "name": "CVE-2021-31363",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31363"
    },
    {
      "name": "CVE-2021-0299",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0299"
    },
    {
      "name": "CVE-2021-31360",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31360"
    },
    {
      "name": "CVE-2021-31355",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31355"
    },
    {
      "name": "CVE-2021-31353",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31353"
    },
    {
      "name": "CVE-2021-31354",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31354"
    },
    {
      "name": "CVE-2021-0298",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0298"
    },
    {
      "name": "CVE-2021-31361",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31361"
    },
    {
      "name": "CVE-2021-31362",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31362"
    },
    {
      "name": "CVE-2021-31359",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31359"
    },
    {
      "name": "CVE-2021-31350",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31350"
    },
    {
      "name": "CVE-2021-31351",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31351"
    },
    {
      "name": "CVE-2021-31357",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31357"
    },
    {
      "name": "CVE-2021-31358",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31358"
    },
    {
      "name": "CVE-2021-0297",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0297"
    },
    {
      "name": "CVE-2021-31352",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31352"
    }
  ],
  "links": [],
  "reference": "CERTFR-2021-AVI-789",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2021-10-14T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11224 du 14 octobre 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11224\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11221 du 14 octobre 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11221\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11218 du 14 octobre 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11218\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11213 du 14 octobre 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11213\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11210 du 14 octobre 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11210\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11212 du 14 octobre 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11212\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11223 du 14 octobre 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11223\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11225 du 14 octobre 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11225\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11219 du 14 octobre 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11219\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11222 du 14 octobre 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11222\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11215 du 14 octobre 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11215\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11220 du 14 octobre 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11220\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11211 du 14 octobre 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11211\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11217 du 14 octobre 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11217\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11216 du 14 octobre 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11216\u0026cat=SIRT_1\u0026actp=LIST"
    }
  ]
}

CERTFR-2021-AVI-789

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Juniper Networks	N/A	Juniper Networks CTPView versions 9.1 antérieures à 9.1R3
Juniper Networks	N/A	Juniper Networks SRC Series versions antérieures à 4.13.0-R6
Juniper Networks	N/A	Juniper Networks CTPView versions 7.3 antérieures à 7.3R7
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on PTX Series versions 19.4 antérieures à 19.4R1-S4, 19.4R3-S5
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on QFX Series versions 19.4 antérieures à 19.4R2-S3, 19.4R3-S1
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on QFX Series versions 17.4 antérieures à 17.4R2-S13, 17.4R3-S4
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on MX Series versions antérieures à 19.2R3-S2
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on MX Series versions antérieures à 19.4R3-S3
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS versions 18.4 antérieures à 18.4R3-S9
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on QFX Series versions 19.1 antérieures à 19.1R1-S6, 19.1R2-S2, 19.1R3-S4
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS versions 19.1 antérieures à 19.1R3-S7
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS versions 12.3X48 antérieures à 12.3X48-D105
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS versions 17.4 antérieures à 17.4R3-S5
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on PTX Series versions 20.3 antérieures à 20.3R2-S1, 20.3R3
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on MX Series versions antérieures à 21.1R2
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on PTX Series versions 19.2 antérieures à 19.2R1-S7, 19.2R3-S3
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS versions 15.1 antérieures à 15.1R7-S10
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on PTX Series versions antérieures à 18.4R3-S9
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on PTX Series versions 20.1 antérieures à 20.1R2-S2, 20.1R3
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on PTX Series versions 19.1 antérieures à 19.1R3-S6
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on MX Series versions antérieures à 19.3R3-S3
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on MX Series versions antérieures à 18.4R3-S8
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on QFX Series versions 18.3 antérieures à 18.3R3-S4
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on QFX Series versions 20.3 antérieures à 20.3R1-S1, 20.3R2
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on MX Series versions antérieures à 19.2R1-S7
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on MX Series versions antérieures à 21.1R1-S1
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on MX Series versions antérieures à 17.4R3-S5
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on QFX Series versions 18.1 antérieures à 18.1R3-S12
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on MX Series versions antérieures à 18.1R3-S13
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on MX Series versions antérieures à 18.3R3-S5
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on QFX Series versions 18.2 antérieures à 18.2R2-S8, 18.2R3-S7
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS versions 19.4 antérieures à 19.4R3-S6
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on MX Series versions antérieures à 20.3R3
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on PTX Series versions 20.4 antérieures à 20.4R2-S1, 20.4R3
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS versions 20.2 antérieures à 20.2R3-S2
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on MX Series versions antérieures à 17.3R3-S12
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on QFX Series versions 19.3 antérieures à 19.3R3-S1
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on MX Series versions antérieures à 19.1R3-S6
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS versions 20.3 antérieures à 20.3R3
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on MX Series versions antérieures à 21.2R1
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on QFX Series versions 18.4 antérieures à 18.4R1-S8, 18.4R2-S7, 18.4R3-S7
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on QFX Series versions 19.2 antérieures à 19.2R1-S6, 19.2R3-S2
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on PTX Series versions 20.2 antérieures à 20.2R3-S1
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS versions 15.1X49 antérieures à 15.1X49-D220
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS versions 21.1 antérieures à 21.1R2
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS versions 20.4 antérieures à 20.4R3
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS versions 19.3 antérieures à 19.3R3-S4
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on MX Series versions antérieures à 19.3R2-S6
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on MX Series versions antérieures à 20.1R2-S2
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on QFX Series versions 20.1 antérieures à 20.1R2, 20.1R3
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on QFX Series versions 20.2 antérieures à 20.2R2, 20.2R3
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on QFX Series versions antérieures à 17.3R3-S11
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on MX Series versions antérieures à 20.4R3
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on PTX Series versions 19.3 antérieures à 19.3R2-S6, 19.3R3-S3
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on MX Series versions antérieures à 20.2R3-S1
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on MX Series versions antérieures à 20.1R3
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS versions antérieures à 18.2R3-S8
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS versions 19.2 antérieures à 19.2R3-S3
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on PTX Series versions 21.1 antérieures à 21.1R1-S1, 21.1R2
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS versions 20.1 antérieures à 20.1R3-S1
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS versions 18.3 antérieures à 18.3R3-S5
Juniper Networks	Networks Junos OS	Juniper Networks Junos OS on MX Series versions antérieures à 20.4R2-S1
Juniper Networks	Networks Junos OS Evolved	Juniper Networks Junos OS Evolved versions 21.2-EVO antérieures à 21.2R2-EVO
Juniper Networks	Networks Junos OS Evolved	Juniper Networks Junos OS Evolved versions antérieures à 20.1R2-EVO sur PTX10003 et PTX10008 platforms
Juniper Networks	Networks Junos OS Evolved	Juniper Networks Junos OS Evolved toutes versions 21.1-EVO et 21.2-EVO
Juniper Networks	Networks Junos OS Evolved	Juniper Networks Junos OS Evolved versions antérieures à 21.2R2-EVO
Juniper Networks	Networks Junos OS Evolved	Juniper Networks Junos OS Evolved versions 21.1 antérieures à 21.1R2-EVO
Juniper Networks	Networks Junos OS Evolved	Juniper Networks Junos OS Evolved versions 20.4 antérieures à 20.4R2-EVO
Juniper Networks	Networks Junos OS Evolved	Juniper Networks Junos OS Evolved versions 20.3 antérieures à 20.3R1-S2-EVO
Juniper Networks	Networks Junos OS Evolved	Juniper Networks Junos OS Evolved versions 21.1-EVO antérieures à 21.1R2-EVO
Juniper Networks	Networks Junos OS Evolved	Juniper Networks Junos OS Evolved versions antérieures à 20.4R3-S1-EVO

References

Title

Publication Time

Tags

Bulletin de sécurité Juniper JSA11224 du 14 octobre 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11221 du 14 octobre 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11218 du 14 octobre 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11213 du 14 octobre 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11210 du 14 octobre 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11212 du 14 octobre 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11223 du 14 octobre 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11225 du 14 octobre 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11219 du 14 octobre 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11222 du 14 octobre 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11215 du 14 octobre 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11220 du 14 octobre 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11211 du 14 octobre 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11217 du 14 octobre 2021	None	vendor-advisory
Bulletin de sécurité Juniper JSA11216 du 14 octobre 2021	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Juniper Networks CTPView versions 9.1 ant\u00e9rieures \u00e0 9.1R3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks SRC Series versions ant\u00e9rieures \u00e0 4.13.0-R6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks CTPView versions 7.3 ant\u00e9rieures \u00e0 7.3R7",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on PTX Series versions 19.4 ant\u00e9rieures \u00e0 19.4R1-S4, 19.4R3-S5",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on QFX Series versions 19.4 ant\u00e9rieures \u00e0 19.4R2-S3, 19.4R3-S1",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on QFX Series versions 17.4 ant\u00e9rieures \u00e0 17.4R2-S13, 17.4R3-S4",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on MX Series versions ant\u00e9rieures \u00e0 19.2R3-S2",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on MX Series versions ant\u00e9rieures \u00e0 19.4R3-S3",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS versions 18.4 ant\u00e9rieures \u00e0 18.4R3-S9",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on QFX Series versions 19.1 ant\u00e9rieures \u00e0 19.1R1-S6, 19.1R2-S2, 19.1R3-S4",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS versions 19.1 ant\u00e9rieures \u00e0 19.1R3-S7",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS versions 12.3X48 ant\u00e9rieures \u00e0 12.3X48-D105",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS versions 17.4 ant\u00e9rieures \u00e0 17.4R3-S5",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on PTX Series versions 20.3 ant\u00e9rieures \u00e0 20.3R2-S1, 20.3R3",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on MX Series versions ant\u00e9rieures \u00e0 21.1R2",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on PTX Series versions 19.2 ant\u00e9rieures \u00e0 19.2R1-S7, 19.2R3-S3",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS versions 15.1 ant\u00e9rieures \u00e0 15.1R7-S10",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on PTX Series versions ant\u00e9rieures \u00e0 18.4R3-S9",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on PTX Series versions 20.1 ant\u00e9rieures \u00e0 20.1R2-S2, 20.1R3",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on PTX Series versions 19.1 ant\u00e9rieures \u00e0 19.1R3-S6",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on MX Series versions ant\u00e9rieures \u00e0 19.3R3-S3",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on MX Series versions ant\u00e9rieures \u00e0 18.4R3-S8",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on QFX Series versions 18.3 ant\u00e9rieures \u00e0 18.3R3-S4",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on QFX Series versions 20.3 ant\u00e9rieures \u00e0 20.3R1-S1, 20.3R2",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on MX Series versions ant\u00e9rieures \u00e0 19.2R1-S7",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on MX Series versions ant\u00e9rieures \u00e0 21.1R1-S1",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on MX Series versions ant\u00e9rieures \u00e0 17.4R3-S5",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on QFX Series versions 18.1 ant\u00e9rieures \u00e0 18.1R3-S12",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on MX Series versions ant\u00e9rieures \u00e0 18.1R3-S13",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on MX Series versions ant\u00e9rieures \u00e0 18.3R3-S5",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on QFX Series versions 18.2 ant\u00e9rieures \u00e0 18.2R2-S8, 18.2R3-S7",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS versions 19.4 ant\u00e9rieures \u00e0 19.4R3-S6",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on MX Series versions ant\u00e9rieures \u00e0 20.3R3",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on PTX Series versions 20.4 ant\u00e9rieures \u00e0 20.4R2-S1, 20.4R3",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS versions 20.2 ant\u00e9rieures \u00e0 20.2R3-S2",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on MX Series versions ant\u00e9rieures \u00e0 17.3R3-S12",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on QFX Series versions 19.3 ant\u00e9rieures \u00e0 19.3R3-S1",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on MX Series versions ant\u00e9rieures \u00e0 19.1R3-S6",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS versions 20.3 ant\u00e9rieures \u00e0 20.3R3",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on MX Series versions ant\u00e9rieures \u00e0 21.2R1",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on QFX Series versions 18.4 ant\u00e9rieures \u00e0 18.4R1-S8, 18.4R2-S7, 18.4R3-S7",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on QFX Series versions 19.2 ant\u00e9rieures \u00e0 19.2R1-S6, 19.2R3-S2",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on PTX Series versions 20.2 ant\u00e9rieures \u00e0 20.2R3-S1",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D220",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS versions 21.1 ant\u00e9rieures \u00e0 21.1R2",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS versions 20.4 ant\u00e9rieures \u00e0 20.4R3",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS versions 19.3 ant\u00e9rieures \u00e0 19.3R3-S4",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on MX Series versions ant\u00e9rieures \u00e0 19.3R2-S6",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on MX Series versions ant\u00e9rieures \u00e0 20.1R2-S2",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on QFX Series versions 20.1 ant\u00e9rieures \u00e0 20.1R2, 20.1R3",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on QFX Series versions 20.2 ant\u00e9rieures \u00e0 20.2R2, 20.2R3",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on QFX Series versions ant\u00e9rieures \u00e0 17.3R3-S11",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on MX Series versions ant\u00e9rieures \u00e0 20.4R3",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on PTX Series versions 19.3 ant\u00e9rieures \u00e0 19.3R2-S6, 19.3R3-S3",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on MX Series versions ant\u00e9rieures \u00e0 20.2R3-S1",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on MX Series versions ant\u00e9rieures \u00e0 20.1R3",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS versions ant\u00e9rieures \u00e0 18.2R3-S8",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS versions 19.2 ant\u00e9rieures \u00e0 19.2R3-S3",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on PTX Series versions 21.1 ant\u00e9rieures \u00e0 21.1R1-S1, 21.1R2",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS versions 20.1 ant\u00e9rieures \u00e0 20.1R3-S1",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS versions 18.3 ant\u00e9rieures \u00e0 18.3R3-S5",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS on MX Series versions ant\u00e9rieures \u00e0 20.4R2-S1",
      "product": {
        "name": "Networks Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS Evolved versions 21.2-EVO ant\u00e9rieures \u00e0 21.2R2-EVO",
      "product": {
        "name": "Networks Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS Evolved versions ant\u00e9rieures \u00e0 20.1R2-EVO sur PTX10003 et PTX10008 platforms",
      "product": {
        "name": "Networks Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS Evolved toutes versions 21.1-EVO et 21.2-EVO",
      "product": {
        "name": "Networks Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS Evolved versions ant\u00e9rieures \u00e0 21.2R2-EVO",
      "product": {
        "name": "Networks Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS Evolved versions 21.1 ant\u00e9rieures \u00e0 21.1R2-EVO",
      "product": {
        "name": "Networks Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS Evolved versions 20.4 ant\u00e9rieures \u00e0 20.4R2-EVO",
      "product": {
        "name": "Networks Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS Evolved versions 20.3 ant\u00e9rieures \u00e0 20.3R1-S2-EVO",
      "product": {
        "name": "Networks Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS Evolved versions 21.1-EVO ant\u00e9rieures \u00e0 21.1R2-EVO",
      "product": {
        "name": "Networks Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Juniper Networks Junos OS Evolved versions ant\u00e9rieures \u00e0 20.4R3-S1-EVO",
      "product": {
        "name": "Networks Junos OS Evolved",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2021-0296",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0296"
    },
    {
      "name": "CVE-2021-31356",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31356"
    },
    {
      "name": "CVE-2021-31363",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31363"
    },
    {
      "name": "CVE-2021-0299",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0299"
    },
    {
      "name": "CVE-2021-31360",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31360"
    },
    {
      "name": "CVE-2021-31355",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31355"
    },
    {
      "name": "CVE-2021-31353",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31353"
    },
    {
      "name": "CVE-2021-31354",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31354"
    },
    {
      "name": "CVE-2021-0298",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0298"
    },
    {
      "name": "CVE-2021-31361",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31361"
    },
    {
      "name": "CVE-2021-31362",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31362"
    },
    {
      "name": "CVE-2021-31359",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31359"
    },
    {
      "name": "CVE-2021-31350",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31350"
    },
    {
      "name": "CVE-2021-31351",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31351"
    },
    {
      "name": "CVE-2021-31357",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31357"
    },
    {
      "name": "CVE-2021-31358",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31358"
    },
    {
      "name": "CVE-2021-0297",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-0297"
    },
    {
      "name": "CVE-2021-31352",
      "url": "https://www.cve.org/CVERecord?id=CVE-2021-31352"
    }
  ],
  "links": [],
  "reference": "CERTFR-2021-AVI-789",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2021-10-14T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11224 du 14 octobre 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11224\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11221 du 14 octobre 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11221\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11218 du 14 octobre 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11218\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11213 du 14 octobre 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11213\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11210 du 14 octobre 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11210\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11212 du 14 octobre 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11212\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11223 du 14 octobre 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11223\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11225 du 14 octobre 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11225\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11219 du 14 octobre 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11219\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11222 du 14 octobre 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11222\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11215 du 14 octobre 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11215\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11220 du 14 octobre 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11220\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11211 du 14 octobre 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11211\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11217 du 14 octobre 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11217\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA11216 du 14 octobre 2021",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11216\u0026cat=SIRT_1\u0026actp=LIST"
    }
  ]
}

FKIE_CVE-2021-31350

Vulnerability from fkie_nvd - Published: 2021-10-19 19:15 - Updated: 2024-11-21 06:05

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	sirt@juniper.net	https://kb.juniper.net/JSA11215	Patch, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://kb.juniper.net/JSA11215	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
juniper	junos	18.4
juniper	junos	18.4
juniper	junos	18.4
juniper	junos	18.4
juniper	junos	18.4
juniper	junos	18.4
juniper	junos	18.4
juniper	junos	18.4
juniper	junos	18.4
juniper	junos	18.4
juniper	junos	18.4
juniper	junos	19.1
juniper	junos	19.1
juniper	junos	19.1
juniper	junos	19.1
juniper	junos	19.1
juniper	junos	19.1
juniper	junos	19.1
juniper	junos	19.1
juniper	junos	19.1
juniper	junos	19.1
juniper	junos	19.1
juniper	junos	19.1
juniper	junos	19.2
juniper	junos	19.2
juniper	junos	19.2
juniper	junos	19.2
juniper	junos	19.2
juniper	junos	19.2
juniper	junos	19.2
juniper	junos	19.2
juniper	junos	19.2
juniper	junos	19.3
juniper	junos	19.3
juniper	junos	19.3
juniper	junos	19.3
juniper	junos	19.3
juniper	junos	19.3
juniper	junos	19.3
juniper	junos	19.3
juniper	junos	19.3
juniper	junos	19.3
juniper	junos	19.4
juniper	junos	19.4
juniper	junos	19.4
juniper	junos	19.4
juniper	junos	19.4
juniper	junos	19.4
juniper	junos	20.1
juniper	junos	20.1
juniper	junos	20.1
juniper	junos	20.1
juniper	junos	20.1
juniper	junos	20.1
juniper	junos	20.1
juniper	junos	20.1
juniper	junos	20.2
juniper	junos	20.2
juniper	junos	20.2
juniper	junos	20.2
juniper	junos	20.2
juniper	junos	20.2
juniper	junos	20.2
juniper	junos	20.2
juniper	junos	20.3
juniper	junos	20.3
juniper	junos	20.3
juniper	junos	20.3
juniper	junos	20.4
juniper	junos	20.4
juniper	junos_os_evolved	18.3
juniper	junos_os_evolved	19.1
juniper	junos_os_evolved	19.1
juniper	junos_os_evolved	19.2
juniper	junos_os_evolved	19.2
juniper	junos_os_evolved	19.3
juniper	junos_os_evolved	19.3
juniper	junos_os_evolved	19.4
juniper	junos_os_evolved	19.4
juniper	junos_os_evolved	20.1
juniper	junos_os_evolved	20.1
juniper	junos_os_evolved	20.1
juniper	junos_os_evolved	20.1
juniper	junos_os_evolved	20.1
juniper	junos_os_evolved	20.2
juniper	junos_os_evolved	20.2
juniper	junos_os_evolved	20.2
juniper	junos_os_evolved	20.3
juniper	junos_os_evolved	20.3
juniper	junos_os_evolved	20.3
juniper	junos_os_evolved	20.4
juniper	junos_os_evolved	21.1
juniper	junos_os_evolved	21.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:-:*:*:*:*:*:*",
              "matchCriteriaId": "74CA9010-D3DE-487B-B46F-589A48AB0F0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r1:*:*:*:*:*:*",
              "matchCriteriaId": "A38F224C-8E9B-44F3-9D4F-6C9F04F57927",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "853F146A-9A0F-49B6-AFD2-9907434212F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s2:*:*:*:*:*:*",
              "matchCriteriaId": "8F73B88B-E66C-4ACD-B38D-9365FB230ABA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s3:*:*:*:*:*:*",
              "matchCriteriaId": "EE1F82EC-3222-4158-8923-59CDA1909A9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s4:*:*:*:*:*:*",
              "matchCriteriaId": "8FE95D15-B5E5-4E74-9464-C72D8B646A6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s5:*:*:*:*:*:*",
              "matchCriteriaId": "C012CD07-706A-4E1C-B399-C55AEF5C8309",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s6:*:*:*:*:*:*",
              "matchCriteriaId": "A0C26E59-874A-4D87-9E7F-E366F4D65ED1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s7:*:*:*:*:*:*",
              "matchCriteriaId": "75902119-60D0-49F8-8E01-666E0F75935A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r2-s8:*:*:*:*:*:*",
              "matchCriteriaId": "924C4EAC-2A52-45A9-BE0F-B62F070C3E3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r3-s8:*:*:*:*:*:*",
              "matchCriteriaId": "44C4BE2C-814F-49AA-8B64-17245FC01270",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "768C0EB7-8456-4BF4-8598-3401A54D21DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "5332B70A-F6B0-4C3B-90E2-5CBFB3326126",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.1:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "81439FE8-5405-45C2-BC04-9823D2009A77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.1:r1-s2:*:*:*:*:*:*",
              "matchCriteriaId": "E506138D-043E-485D-B485-94A2AB75F8E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.1:r1-s3:*:*:*:*:*:*",
              "matchCriteriaId": "0EF3C901-3599-463F-BEFB-8858768DC195",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.1:r1-s4:*:*:*:*:*:*",
              "matchCriteriaId": "CD806778-A995-4A9B-9C05-F4D7B1CB1F7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.1:r1-s5:*:*:*:*:*:*",
              "matchCriteriaId": "02B42BE8-1EF2-47F7-9F10-DE486A017EED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.1:r1-s6:*:*:*:*:*:*",
              "matchCriteriaId": "0B372356-D146-420B-95C3-381D0383B595",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "DCAB79C9-6639-4ED0-BEC9-E7C8229DF977",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.1:r2-s1:*:*:*:*:*:*",
              "matchCriteriaId": "C8CF858F-84BB-4AEA-B829-FCF22C326160",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.1:r2-s2:*:*:*:*:*:*",
              "matchCriteriaId": "92292C23-DC38-42F1-97C1-8416BBB60FA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.1:r3-s5:*:*:*:*:*:*",
              "matchCriteriaId": "8120EAC3-DCCB-4429-A372-C0DAA3270A1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "0E7545CE-6300-4E81-B5AF-2BE150C1B190",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.2:r1:*:*:*:*:*:*",
              "matchCriteriaId": "4CA3060F-1800-4A06-A453-FB8CE4B65312",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.2:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "9A5B337A-727C-4767-AD7B-E0F7F99EB46F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.2:r1-s2:*:*:*:*:*:*",
              "matchCriteriaId": "16FDE60B-7A99-4683-BC14-530B5B005F8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.2:r1-s3:*:*:*:*:*:*",
              "matchCriteriaId": "725D8C27-E4F8-4394-B4EC-B49B6D3C2709",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.2:r1-s4:*:*:*:*:*:*",
              "matchCriteriaId": "8233C3AB-470E-4D13-9BFD-C9E90918FD0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.2:r1-s5:*:*:*:*:*:*",
              "matchCriteriaId": "5F7A233A-D4F6-46FA-92E9-2ACE13E4A6A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.2:r1-s6:*:*:*:*:*:*",
              "matchCriteriaId": "ADCE4EA8-DDBA-4766-BB81-E4DA29723723",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.2:r3-s2:*:*:*:*:*:*",
              "matchCriteriaId": "920FE638-BDE6-403D-9083-2BDBF6A3326F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.3:-:*:*:*:*:*:*",
              "matchCriteriaId": "59006503-B2CA-4F79-AC13-7C5615A74CE5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.3:r1:*:*:*:*:*:*",
              "matchCriteriaId": "B8110DA9-54B1-43CF-AACB-76EABE0C9EF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.3:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "11B5CC5A-1959-4113-BFCF-E4BA63D918C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.3:r2:*:*:*:*:*:*",
              "matchCriteriaId": "33F08A33-EF80-4D86-9A9A-9DF147B9B6D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.3:r2-s1:*:*:*:*:*:*",
              "matchCriteriaId": "AF24ACBD-5F84-47B2-BFF3-E9A56666269C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.3:r2-s2:*:*:*:*:*:*",
              "matchCriteriaId": "3935A586-41BD-4FA5-9596-DED6F0864777",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.3:r2-s3:*:*:*:*:*:*",
              "matchCriteriaId": "B83FB539-BD7C-4BEE-9022-098F73902F38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.3:r2-s4:*:*:*:*:*:*",
              "matchCriteriaId": "7659AC36-A5EA-468A-9793-C1EC914D36F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.3:r2-s5:*:*:*:*:*:*",
              "matchCriteriaId": "E0E018E1-568E-40F2-ADA5-F71509811879",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.3:r3-s2:*:*:*:*:*:*",
              "matchCriteriaId": "D3FEA876-302D-4F07-94E6-237C669538F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.4:r1:*:*:*:*:*:*",
              "matchCriteriaId": "DC743EE4-8833-452A-94DB-655BF139F883",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.4:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "FE96A8EA-FFE3-4D8F-9266-21899149D634",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.4:r1-s2:*:*:*:*:*:*",
              "matchCriteriaId": "C12A75C6-2D00-4202-B861-00FF71585FA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.4:r1-s3:*:*:*:*:*:*",
              "matchCriteriaId": "70FF3DD4-14CB-435D-8529-0480EB853F60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.4:r2-s4:*:*:*:*:*:*",
              "matchCriteriaId": "760E2418-B945-4467-BDAC-7702DDF4C4EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.4:r3-s3:*:*:*:*:*:*",
              "matchCriteriaId": "0886EFA6-47E3-4C1D-A278-D3891A487FED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "8328FDE6-9707-4142-B905-3B07C0E28E35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "41CD982F-E6F2-4951-9F96-A76C142DF08E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s2:*:*:*:*:*:*",
              "matchCriteriaId": "19FDC05F-5582-4F7E-B628-E58A3C0E7F2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s3:*:*:*:*:*:*",
              "matchCriteriaId": "401306D1-E9CE-49C6-8DC9-0E8747B9DC2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s4:*:*:*:*:*:*",
              "matchCriteriaId": "615EAF48-AD53-4CC2-B233-5EA5C0F72CB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "DC8E7547-6649-436D-BC45-184417680C72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.1:r2-s1:*:*:*:*:*:*",
              "matchCriteriaId": "D9789FF8-D55C-4AF9-A250-E543A0EB826F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "C21638A9-6AD8-4347-AA3F-64BC7BD71C0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.2:r1:*:*:*:*:*:*",
              "matchCriteriaId": "CD07B7E2-F5C2-4610-9133-FDA9E66DFF4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "D3C23AEB-34DE-44FB-8D64-E69D6E8B7401",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s2:*:*:*:*:*:*",
              "matchCriteriaId": "18DB9401-5A51-4BB3-AC2F-58F58F1C788C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s3:*:*:*:*:*:*",
              "matchCriteriaId": "06F53DA5-59AE-403C-9B1E-41CE267D8BB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.2:r2:*:*:*:*:*:*",
              "matchCriteriaId": "3332262F-81DA-4D78-99C9-514CADA46611",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.2:r2-s1:*:*:*:*:*:*",
              "matchCriteriaId": "B46B63A2-1518-4A29-940C-F05624C9658D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.2:r2-s2:*:*:*:*:*:*",
              "matchCriteriaId": "8E0D4959-3865-42A7-98CD-1103EBD84528",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.2:r3:*:*:*:*:*:*",
              "matchCriteriaId": "681AE183-7183-46E7-82EA-28C398FA1C3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.3:r1:*:*:*:*:*:*",
              "matchCriteriaId": "5C9BC697-C7C9-447D-9EBD-E9711462583E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.3:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "7B80433B-57B1-49EF-B1A1-83781D6102E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.3:r2:*:*:*:*:*:*",
              "matchCriteriaId": "05D8427C-CDDE-4B2F-9CB8-41B9137660E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.3:r3:*:*:*:*:*:*",
              "matchCriteriaId": "7DA0E196-925E-4056-B411-E158702D5D4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:*",
              "matchCriteriaId": "20DDC6B7-BFC4-4F0B-8E68-442C23765BF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "037BA01C-3F5C-4503-A633-71765E9EF774",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:18.3:r1:*:*:*:*:*:*",
              "matchCriteriaId": "7E72627C-4793-4F22-B769-A3FFB77E7DE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:19.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "2C3245C5-9EE1-490C-B7C7-5C02F155DDD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:19.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "01A9BD92-5865-455D-9585-098DCFCC24DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:19.2:r1:*:*:*:*:*:*",
              "matchCriteriaId": "914D6984-1820-483B-AEB9-2C5257B5E900",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:19.2:r2:*:*:*:*:*:*",
              "matchCriteriaId": "14C57D33-01BB-4190-B787-F5BDACE82AFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:19.3:r1:*:*:*:*:*:*",
              "matchCriteriaId": "6480A5C9-3280-40C5-BC08-509555F28363",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:19.3:r2:*:*:*:*:*:*",
              "matchCriteriaId": "2D3C2D74-AF22-4BED-A0C5-089B5507D275",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:19.4:r1:*:*:*:*:*:*",
              "matchCriteriaId": "83447F3F-79A3-41DF-8FD1-31DCFCBE40A4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:19.4:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "1699821F-FBC6-4EB9-94E5-96AF1E4E4FDE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "F64FBB4B-7CBF-499B-A523-804857DEFAFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.1:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "EEBE159F-5D94-4C18-B922-331586BEA2CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "A38EBFC9-ECBD-4362-82B2-04C02009E85C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.1:r2-s1:*:*:*:*:*:*",
              "matchCriteriaId": "0DF7C3A8-1279-4F38-9548-85AC7D6290FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.1:r2-s2:*:*:*:*:*:*",
              "matchCriteriaId": "50D38F97-81B0-4952-A1E3-0A9AA4D34820",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.2:r1:*:*:*:*:*:*",
              "matchCriteriaId": "FCA8D4D2-D49D-4F91-95E2-2A0E8599338A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.2:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "FF37C911-1904-475A-86F7-F92F34A1A88F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.2:r2:*:*:*:*:*:*",
              "matchCriteriaId": "DDFFE53D-202D-4396-A470-0A09F3320375",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.3:r1:*:*:*:*:*:*",
              "matchCriteriaId": "4AFB91E3-CAAC-429F-A869-DDD40FB0F84D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.3:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "0A9CA997-2DDA-4808-B2AE-8804FEB798B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.3:r2:*:*:*:*:*:*",
              "matchCriteriaId": "423843B3-B2BE-427B-B625-4E3146D26390",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.4:r1:*:*:*:*:*:*",
              "matchCriteriaId": "C9C8866D-162F-4C9B-8167-2FBA25410368",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "734DE5D8-198D-41C5-9320-F704FE664591",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.1:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "0099BDA9-9D4B-4D6C-8234-EFD9E8C63476",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An Improper Privilege Management vulnerability in the gRPC framework, used by the Juniper Extension Toolkit (JET) API on Juniper Networks Junos OS and Junos OS Evolved, allows a network-based, low-privileged authenticated attacker to perform operations as root, leading to complete compromise of the targeted system. The issue is caused by the JET service daemon (jsd) process authenticating the user, then passing configuration operations directly to the management daemon (mgd) process, which runs as root. This issue affects Juniper Networks Junos OS: 18.4 versions prior to 18.4R1-S8, 18.4R2-S8, 18.4R3-S8; 19.1 versions prior to 19.1R2-S3, 19.1R3-S5; 19.2 versions prior to 19.2R1-S7, 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S3; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R2-S3, 20.2R3; 20.3 versions prior to 20.3R2-S1, 20.3R3; 20.4 versions prior to 20.4R2. This issue does not affect Juniper Networks Junos OS versions prior to 18.4R1. Juniper Networks Junos OS Evolved: All versions prior to 20.4R2-EVO; 21.1-EVO versions prior to 21.1R2-EVO."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de administraci\u00f3n de privilegios inapropiada en el marco gRPC, usado por la API de Juniper Extension Toolkit (JET) en Juniper Networks Junos OS y Junos OS Evolved, permite a un atacante autenticado poco privilegiado basado en la red llevar a cabo operaciones como root, conllevando a un compromiso completo del sistema objetivo. El problema est\u00e1 causado por el proceso del demonio de servicio JET (jsd) autenticando al usuario y luego pasa las operaciones de configuraci\u00f3n directamente al proceso del demonio de administraci\u00f3n (mgd), que se ejecuta como root. Este problema afecta a Juniper Networks Junos OS versiones: versiones 18.4 anteriores a 18.4R1-S8, 18.4R2-S8, 18.4R3-S8; versiones 19.1 anteriores a 19.1R2-S3, 19.1R3-S5; versiones 19.2 anteriores a 19.2R1-S7, 19.2R3-S2; versiones 19.3 anteriores a 19.3R2-S6, 19.3R3-S2; 19. 4 versiones anteriores a 19.4R1-S4, 19.4R2-S4, 19.4R3-S3; versiones 20.1 anteriores a 20.1R2-S2, 20.1R3; versiones 20.2 anteriores a 20.2R2-S3, 20.2R3; versiones 20.3 anteriores a 20.3R2-S1, 20.3R3; versiones 20.4 anteriores a 20.4R2. Este problema no afecta a las versiones de Juniper Networks Junos OS anteriores a 18.4R1. Juniper Networks Junos OS Evolved: Todas las versiones anteriores a 20.4R2-EVO; versiones 21.1-EVO anteriores a 21.1R2-EVO"
    }
  ],
  "id": "CVE-2021-31350",
  "lastModified": "2024-11-21T06:05:28.517",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.6,
        "impactScore": 5.9,
        "source": "sirt@juniper.net",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-10-19T19:15:08.537",
  "references": [
    {
      "source": "sirt@juniper.net",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://kb.juniper.net/JSA11215"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://kb.juniper.net/JSA11215"
    }
  ],
  "sourceIdentifier": "sirt@juniper.net",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-269"
        }
      ],
      "source": "sirt@juniper.net",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-269"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

VAR-202110-0386

Vulnerability from variot - Updated: 2023-12-18 14:04

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202110-0386",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "junos os evolved",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "20.2"
      },
      {
        "model": "junos os evolved",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "21.1"
      },
      {
        "model": "junos os evolved",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "19.2"
      },
      {
        "model": "junos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "19.4"
      },
      {
        "model": "junos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "20.3"
      },
      {
        "model": "junos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "19.3"
      },
      {
        "model": "junos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "20.1"
      },
      {
        "model": "junos os evolved",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "19.1"
      },
      {
        "model": "junos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "20.2"
      },
      {
        "model": "junos os evolved",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "20.4"
      },
      {
        "model": "junos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "18.4"
      },
      {
        "model": "junos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "19.2"
      },
      {
        "model": "junos os evolved",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "20.3"
      },
      {
        "model": "junos os evolved",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "19.3"
      },
      {
        "model": "junos os evolved",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "19.4"
      },
      {
        "model": "junos os evolved",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "18.3"
      },
      {
        "model": "junos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "19.1"
      },
      {
        "model": "junos os evolved",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "20.1"
      },
      {
        "model": "junos",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "20.4"
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-31350"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r1-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r1-s2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r1-s3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r1-s4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r1-s5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r1-s6:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r1-s7:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r2-s8:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:18.4:r3-s8:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:r1-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:r1-s2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:r1-s3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:r1-s4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:r1-s5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:r1-s6:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:r2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:r2-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:r2-s2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.1:r3-s5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.2:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.2:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.2:r1-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.2:r1-s2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.2:r1-s3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.2:r1-s4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.2:r1-s5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.2:r1-s6:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.2:r3-s2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r1-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r2-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r2-s2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r2-s3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r2-s4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r2-s5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.3:r3-s2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r1-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r1-s2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r1-s3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r2-s4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:19.4:r3-s3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.1:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.1:r1-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.1:r1-s2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.1:r1-s3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.1:r1-s4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.1:r2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.1:r2-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.1:r3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r1-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r1-s2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r1-s3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r2-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r2-s2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.2:r3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.3:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.3:r1-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.3:r2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.3:r3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:18.3:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:19.1:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:19.1:r2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:19.2:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:19.2:r2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:19.3:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:19.3:r2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:19.4:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:19.4:r1-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:20.1:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:20.1:r1-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:20.1:r2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:20.1:r2-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:20.1:r2-s2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:20.2:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:20.2:r1-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:20.2:r2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:20.3:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:20.3:r1-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:20.3:r2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:20.4:r1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:21.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_os_evolved:21.1:r1-s1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-31350"
      }
    ]
  },
  "cve": "CVE-2021-31350",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.0,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.0,
            "id": "VHN-391098",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "VULMON",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.0,
            "id": "CVE-2021-31350",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "HIGH",
            "trust": 0.1,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.8,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "author": "sirt@juniper.net",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.6,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2021-31350",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "sirt@juniper.net",
            "id": "CVE-2021-31350",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202110-971",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-391098",
            "trust": 0.1,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2021-31350",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-391098"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-31350"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-31350"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-31350"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202110-971"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "An Improper Privilege Management vulnerability in the gRPC framework, used by the Juniper Extension Toolkit (JET) API on Juniper Networks Junos OS and Junos OS Evolved, allows a network-based, low-privileged authenticated attacker to perform operations as root, leading to complete compromise of the targeted system. The issue is caused by the JET service daemon (jsd) process authenticating the user, then passing configuration operations directly to the management daemon (mgd) process, which runs as root. This issue affects Juniper Networks Junos OS: 18.4 versions prior to 18.4R1-S8, 18.4R2-S8, 18.4R3-S8; 19.1 versions prior to 19.1R2-S3, 19.1R3-S5; 19.2 versions prior to 19.2R1-S7, 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S3; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R2-S3, 20.2R3; 20.3 versions prior to 20.3R2-S1, 20.3R3; 20.4 versions prior to 20.4R2. This issue does not affect Juniper Networks Junos OS versions prior to 18.4R1. Juniper Networks Junos OS Evolved: All versions prior to 20.4R2-EVO; 21.1-EVO versions prior to 21.1R2-EVO. The operating system provides a secure programming interface and Junos SDK. There is no relevant information about this vulnerability at present. Please pay attention to CNNVD or manufacturer announcements at any time",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-31350"
      },
      {
        "db": "VULHUB",
        "id": "VHN-391098"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-31350"
      }
    ],
    "trust": 1.08
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2021-31350",
        "trust": 1.8
      },
      {
        "db": "JUNIPER",
        "id": "JSA11215",
        "trust": 1.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202110-971",
        "trust": 0.7
      },
      {
        "db": "CS-HELP",
        "id": "SB2021101913",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2021.3434",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-391098",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-31350",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-391098"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-31350"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-31350"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202110-971"
      }
    ]
  },
  "id": "VAR-202110-0386",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-391098"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T14:04:12.856000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Juniper Networks Junos OS Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=166586"
      }
    ],
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202110-971"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-269",
        "trust": 1.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-391098"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-31350"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.8,
        "url": "https://kb.juniper.net/jsa11215"
      },
      {
        "trust": 0.6,
        "url": "https://www.cybersecurity-help.cz/vdb/sb2021101913"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2021.3434"
      },
      {
        "trust": 0.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-31350"
      },
      {
        "trust": 0.6,
        "url": "https://vigilance.fr/vulnerability/junos-os-multiple-vulnerabilities-36656"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/269.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-391098"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-31350"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-31350"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202110-971"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-391098"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-31350"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-31350"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202110-971"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-10-19T00:00:00",
        "db": "VULHUB",
        "id": "VHN-391098"
      },
      {
        "date": "2021-10-19T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-31350"
      },
      {
        "date": "2021-10-19T19:15:08.537000",
        "db": "NVD",
        "id": "CVE-2021-31350"
      },
      {
        "date": "2021-10-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202110-971"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2021-10-25T00:00:00",
        "db": "VULHUB",
        "id": "VHN-391098"
      },
      {
        "date": "2021-10-25T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-31350"
      },
      {
        "date": "2021-10-25T12:58:38.770000",
        "db": "NVD",
        "id": "CVE-2021-31350"
      },
      {
        "date": "2021-10-26T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202110-971"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202110-971"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Juniper Networks Junos OS Security hole",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202110-971"
      }
    ],
    "trust": 0.6
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202110-971"
      }
    ],
    "trust": 0.6
  }
}

GHSA-8JXQ-FCR2-68JW

Vulnerability from github – Published: 2022-05-24 19:17 – Updated: 2022-05-24 19:17

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2021-31350"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-10-19T19:15:00Z",
    "severity": "HIGH"
  },
  "details": "An Improper Privilege Management vulnerability in the gRPC framework, used by the Juniper Extension Toolkit (JET) API on Juniper Networks Junos OS and Junos OS Evolved, allows a network-based, low-privileged authenticated attacker to perform operations as root, leading to complete compromise of the targeted system. The issue is caused by the JET service daemon (jsd) process authenticating the user, then passing configuration operations directly to the management daemon (mgd) process, which runs as root. This issue affects Juniper Networks Junos OS: 18.4 versions prior to 18.4R1-S8, 18.4R2-S8, 18.4R3-S8; 19.1 versions prior to 19.1R2-S3, 19.1R3-S5; 19.2 versions prior to 19.2R1-S7, 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S3; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R2-S3, 20.2R3; 20.3 versions prior to 20.3R2-S1, 20.3R3; 20.4 versions prior to 20.4R2. This issue does not affect Juniper Networks Junos OS versions prior to 18.4R1. Juniper Networks Junos OS Evolved: All versions prior to 20.4R2-EVO; 21.1-EVO versions prior to 21.1R2-EVO.",
  "id": "GHSA-8jxq-fcr2-68jw",
  "modified": "2022-05-24T19:17:55Z",
  "published": "2022-05-24T19:17:55Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-31350"
    },
    {
      "type": "WEB",
      "url": "https://kb.juniper.net/JSA11215"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2021-31350 (GCVE-0-2021-31350)

GSD-2021-31350

CERTFR-2021-AVI-789

Solution

CERTFR-2021-AVI-789

Solution

FKIE_CVE-2021-31350

VAR-202110-0386

GHSA-8JXQ-FCR2-68JW

Tags

Sightings

Nomenclature