CVE-2021-0252

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 22-04-2021 10:15

Last modified: - 12-05-2022 04:05

Total changes: - 4

Description

NFX Series devices using Juniper Networks Junos OS are susceptible to a local code execution vulnerability thereby allowing an attacker to elevate their privileges via the Junos Device Management Daemon (JDMD) process. This issue affects Juniper Networks Junos OS on NFX Series: 18.1 version 18.1R1 and later versions prior to 18.2R3-S5; 18.3 versions prior to 18.3R2-S4, 18.3R3-S3; 18.4 versions prior to 18.4R2-S5, 18.4R3-S4; 19.1 versions prior to 19.1R1-S3, 19.1R2; 19.2 versions prior to 19.2R1-S5, 19.2R2. This issue does not affect: Juniper Networks Junos OS versions prior to 18.1R1. This issue does not affect the JDMD as used by Junos Node Slicing such as External Servers use in conjunction with Junos Node Slicing and In-Chassis Junos Node Slicing on MX480, MX960, MX2008, MX2010, MX2020.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Low

Attack complexity

Local

Attack vector

High

Availability

High

Confidentiality

High

Integrity

Low

Privileges required

Unchanged

Scope

None

User interaction

7.8

Base score

1.8

5.9

Exploitability score

Impact score

Verification logic

AND

vendor=juniper AND product=junos AND version=18.1 AND update=r1

vendor=juniper AND product=junos AND version=18.1 AND update=r3

vendor=juniper AND product=junos AND version=18.1 AND update=r2

vendor=juniper AND product=junos AND version=18.2 AND update=-

vendor=juniper AND product=junos AND version=18.2 AND update=r2-s1

vendor=juniper AND product=junos AND version=18.2 AND update=r2-s2

vendor=juniper AND product=junos AND version=18.2 AND update=r1-s3

vendor=juniper AND product=junos AND version=18.3 AND update=r1-s1

vendor=juniper AND product=junos AND version=18.3 AND update=r2

vendor=juniper AND product=junos AND version=18.3 AND update=r1

vendor=juniper AND product=junos AND version=18.1 AND update=r2-s1

vendor=juniper AND product=junos AND version=18.1 AND update=r2-s2

vendor=juniper AND product=junos AND version=18.1 AND update=r2-s4

vendor=juniper AND product=junos AND version=18.1 AND update=r3-s1

vendor=juniper AND product=junos AND version=18.1 AND update=r3-s2

vendor=juniper AND product=junos AND version=18.1 AND update=r3-s3

vendor=juniper AND product=junos AND version=18.1 AND update=r3-s4

vendor=juniper AND product=junos AND version=18.1 AND update=r3-s5

vendor=juniper AND product=junos AND version=18.2 AND update=r1 AND edition=-

vendor=juniper AND product=junos AND version=18.2 AND update=r1-s4

vendor=juniper AND product=junos AND version=18.2 AND update=r1-s5

vendor=juniper AND product=junos AND version=18.2 AND update=r2-s3

vendor=juniper AND product=junos AND version=18.2 AND update=r2-s4

vendor=juniper AND product=junos AND version=18.3 AND update=-

vendor=juniper AND product=junos AND version=18.3 AND update=r1-s2

vendor=juniper AND product=junos AND version=18.3 AND update=r1-s3

vendor=juniper AND product=junos AND version=18.3 AND update=r1-s4

vendor=juniper AND product=junos AND version=18.4 AND update=-

vendor=juniper AND product=junos AND version=18.4 AND update=r1

vendor=juniper AND product=junos AND version=18.4 AND update=r1-s1

vendor=juniper AND product=junos AND version=18.1 AND update=r3-s6

vendor=juniper AND product=junos AND version=18.1 AND update=r3-s7

vendor=juniper AND product=junos AND version=18.1 AND update=r3-s8

vendor=juniper AND product=junos AND version=18.1 AND update=r3-s9

vendor=juniper AND product=junos AND version=18.2 AND update=r2

vendor=juniper AND product=junos AND version=18.2 AND update=r2-s5

vendor=juniper AND product=junos AND version=18.2 AND update=r2-s6

vendor=juniper AND product=junos AND version=18.2 AND update=r3

vendor=juniper AND product=junos AND version=18.2 AND update=r3-s1

vendor=juniper AND product=junos AND version=18.2 AND update=r3-s2

vendor=juniper AND product=junos AND version=18.2 AND update=r3-s3

vendor=juniper AND product=junos AND version=18.2 AND update=r3-s4

vendor=juniper AND product=junos AND version=18.3 AND update=r1-s5

vendor=juniper AND product=junos AND version=18.3 AND update=r1-s6

vendor=juniper AND product=junos AND version=18.3 AND update=r2-s1

vendor=juniper AND product=junos AND version=18.3 AND update=r2-s2

vendor=juniper AND product=junos AND version=18.3 AND update=r2-s3

vendor=juniper AND product=junos AND version=18.3 AND update=r3

vendor=juniper AND product=junos AND version=18.3 AND update=r3-s1

vendor=juniper AND product=junos AND version=18.4 AND update=r1-s2

vendor=juniper AND product=junos AND version=18.4 AND update=r1-s3

vendor=juniper AND product=junos AND version=18.4 AND update=r1-s4

vendor=juniper AND product=junos AND version=18.4 AND update=r1-s5

vendor=juniper AND product=junos AND version=18.4 AND update=r1-s6

vendor=juniper AND product=junos AND version=18.4 AND update=r2

vendor=juniper AND product=junos AND version=18.4 AND update=r2-s1

vendor=juniper AND product=junos AND version=18.4 AND update=r2-s2

vendor=juniper AND product=junos AND version=18.4 AND update=r2-s3

vendor=juniper AND product=junos AND version=18.4 AND update=r3

vendor=juniper AND product=junos AND version=18.4 AND update=r3-s2

vendor=juniper AND product=junos AND version=19.1 AND update=-

vendor=juniper AND product=junos AND version=19.1 AND update=r1

vendor=juniper AND product=junos AND version=19.1 AND update=r1-s1

vendor=juniper AND product=junos AND version=19.1 AND update=r1-s2

vendor=juniper AND product=junos AND version=19.2 AND update=-

vendor=juniper AND product=junos AND version=19.2 AND update=r1

vendor=juniper AND product=junos AND version=19.2 AND update=r1-s1

vendor=juniper AND product=junos AND version=19.2 AND update=r1-s2

vendor=juniper AND product=junos AND version=19.2 AND update=r1-s3

vendor=juniper AND product=junos AND version=19.2 AND update=r1-s4

vendor=juniper AND product=junos AND version=18.1 AND update=r3-s10

vendor=juniper AND product=junos AND version=18.1 AND update=r3-s11

vendor=juniper AND product=junos AND version=18.1 AND update=r3-s12

vendor=juniper AND product=junos AND version=18.2 AND update=r1-s2

vendor=juniper AND product=junos AND version=18.2 AND update=r2-s7

vendor=juniper AND product=junos AND version=18.3 AND update=r3-s2

vendor=juniper AND product=junos AND version=18.4 AND update=r1-s7

vendor=juniper AND product=junos AND version=18.4 AND update=r2-s4

vendor=juniper AND product=junos AND version=18.4 AND update=r3-s1

vendor=juniper AND product=junos AND version=18.4 AND update=r3-s3

vendor=juniper AND product=nfx250 AND version=-

vendor=juniper AND product=nfx150 AND version=-

vendor=juniper AND product=nfx350 AND version=-

Reference

Keywords

CVE-2021-0252

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2021-0252

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures