CVE-2021-0252

{"id": "CVE-2021-0252", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.6, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}, {"type": "Secondary", "source": "sirt@juniper.net", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2021-04-22T20:15:09.390", "references": [{"url": "https://github.com/orangecertcc/security-research/security/advisories/GHSA-gr7j-26pv-5v57", "tags": ["Exploit", "Third Party Advisory"], "source": "sirt@juniper.net"}, {"url": "https://kb.juniper.net/JSA11145", "tags": ["Vendor Advisory"], "source": "sirt@juniper.net"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "sirt@juniper.net", "description": [{"lang": "en", "value": "CWE-77"}]}, {"type": "Secondary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-77"}]}], "descriptions": [{"lang": "en", "value": "NFX Series devices using Juniper Networks Junos OS are susceptible to a local code execution vulnerability thereby allowing an attacker to elevate their privileges via the Junos Device Management Daemon (JDMD) process. This issue affects Juniper Networks Junos OS on NFX Series: 18.1 version 18.1R1 and later versions prior to 18.2R3-S5; 18.3 versions prior to 18.3R2-S4, 18.3R3-S3; 18.4 versions prior to 18.4R2-S5, 18.4R3-S4; 19.1 versions prior to 19.1R1-S3, 19.1R2; 19.2 versions prior to 19.2R1-S5, 19.2R2. This issue does not affect: Juniper Networks Junos OS versions prior to 18.1R1. This issue does not affect the JDMD as used by Junos Node Slicing such as External Servers use in conjunction with Junos Node Slicing and In-Chassis Junos Node Slicing on MX480, MX960, MX2008, MX2010, MX2020."}, {"lang": "es", "value": "Los dispositivos de la Serie NFX que utilizan Juniper Networks Junos OS son susceptibles a una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo local, permitiendo a un atacante elevar sus privilegios mediante el proceso Junos Device Management Daemon (JDMD). Este problema afecta a Junos de Juniper Networks OS en la serie NFX: versiones 18.1, 18.1R1 y versiones posteriores anteriores a 18.2R3-S5; versiones 18.3 anteriores a 18.3R2-S4, 18.3R3-S3; versiones 18.4 anteriores a 18.4R2-S5, 18.4R3-S4; versiones 19.1 anteriores a 19.1R1-S3, 19.1R2; Versiones 19.2 anteriores a 19.2R1-S5, 19.2R2. Este problema no afecta a: Juniper Networks Junos OS versiones anteriores a 18.1R1. Este problema no afecta el JDMD utilizado por Junos Node Slicing, como el uso de servidores externos junto con Junos Node Slicing y Junos Node Slicing en el chasis en MX480, MX960, MX2008, MX2010, MX2020"}], "lastModified": "2022-05-12T14:05:58.550", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:18.1:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B0A756E2-C320-405A-B24F-7C5022649E5A"}, {"criteria": "cpe:2.3:o:juniper:junos:18.1:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2EF6F4C1-6A7E-474F-89BC-7A3C50FD8CAC"}, {"criteria": "cpe:2.3:o:juniper:junos:18.1:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "84F5BCBA-404B-4BC9-B363-CE6D231B0D6D"}, {"criteria": "cpe:2.3:o:juniper:junos:18.1:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "18A4CA3E-DA61-49CC-8476-3A476CCB2B83"}, {"criteria": "cpe:2.3:o:juniper:junos:18.1:r2-s4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A7380B3E-09F5-4497-86C6-11EF56BD89F1"}, {"criteria": "cpe:2.3:o:juniper:junos:18.1:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "658841A9-BEC9-433E-81D0-47DE82887C4F"}, {"criteria": "cpe:2.3:o:juniper:junos:18.1:r3-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5AD05209-1274-4F8A-9FA2-A1A8DFCC5755"}, {"criteria": "cpe:2.3:o:juniper:junos:18.1:r3-s10:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "68EBE6E9-5E3B-44A1-992F-D6B656706268"}, {"criteria": "cpe:2.3:o:juniper:junos:18.1:r3-s11:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2433F883-8545-421E-9CB7-AF36A578E930"}, {"criteria": "cpe:2.3:o:juniper:junos:18.1:r3-s12:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "46F9BD74-D57A-4689-81AB-D53DEBABBD5E"}, {"criteria": "cpe:2.3:o:juniper:junos:18.1:r3-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C97683B3-A07B-428F-9535-C49B55305679"}, {"criteria": "cpe:2.3:o:juniper:junos:18.1:r3-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A14CE132-C56B-43D8-A248-AB6A2D1A7B6C"}, {"criteria": "cpe:2.3:o:juniper:junos:18.1:r3-s4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "73978DD8-BD92-4872-8F35-AF2B9BCA1ECB"}, {"criteria": "cpe:2.3:o:juniper:junos:18.1:r3-s5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "678F57D1-2595-4AF3-BB87-AF2E1FE3CBB9"}, {"criteria": "cpe:2.3:o:juniper:junos:18.1:r3-s6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7988CE92-71D2-4EEC-B596-4A60E2C1136A"}, {"criteria": "cpe:2.3:o:juniper:junos:18.1:r3-s7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "330D176F-8DAD-440C-A623-44FA233FAB01"}, {"criteria": "cpe:2.3:o:juniper:junos:18.1:r3-s8:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8CC5EAB8-1364-4325-9F01-BE7CC479C29D"}, {"criteria": "cpe:2.3:o:juniper:junos:18.1:r3-s9:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4E2E933A-852F-4257-860D-09638EE0D2F3"}, {"criteria": "cpe:2.3:o:juniper:junos:18.2:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A8B5BD93-3C11-45D5-ACF0-7C4C01106C8A"}, {"criteria": "cpe:2.3:o:juniper:junos:18.2:r1:-:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "90BF177D-A895-4D05-B674-B27420A5DC6B"}, {"criteria": "cpe:2.3:o:juniper:junos:18.2:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0070B31B-59DC-46E9-93E0-1E8BF3560BFC"}, {"criteria": "cpe:2.3:o:juniper:junos:18.2:r1-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A893CCE5-96B8-44A1-ABEF-6AB9B527B2FB"}, {"criteria": "cpe:2.3:o:juniper:junos:18.2:r1-s4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "42203801-E2E7-4DCF-ABBB-D23A91B2A9FF"}, {"criteria": "cpe:2.3:o:juniper:junos:18.2:r1-s5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "238EC996-8E8C-4332-916F-09E54E6EBB9D"}, {"criteria": "cpe:2.3:o:juniper:junos:18.2:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5F711936-33A1-47FC-A6A0-A63088915815"}, {"criteria": "cpe:2.3:o:juniper:junos:18.2:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "21B7820C-01D2-401C-9E6D-C83994FD5961"}, {"criteria": "cpe:2.3:o:juniper:junos:18.2:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3D2FBD29-2CAC-41B4-9336-671373EF4A7C"}, {"criteria": "cpe:2.3:o:juniper:junos:18.2:r2-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EEFCDA90-67E2-4AEF-800C-1D29A9121B8F"}, {"criteria": "cpe:2.3:o:juniper:junos:18.2:r2-s4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "74B99981-840F-4DAD-976A-5DAEFE9FB93D"}, {"criteria": "cpe:2.3:o:juniper:junos:18.2:r2-s5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BDD3ADB9-35FF-41D3-92BD-98D6D4826B03"}, {"criteria": "cpe:2.3:o:juniper:junos:18.2:r2-s6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "341F2459-8335-40E9-A2B3-BE804D319F95"}, {"criteria": "cpe:2.3:o:juniper:junos:18.2:r2-s7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0CD17956-8E8C-489D-927A-5709C05EA705"}, {"criteria": "cpe:2.3:o:juniper:junos:18.2:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B670F988-78F2-4BC6-B7FC-E34C280F67DC"}, {"criteria": "cpe:2.3:o:juniper:junos:18.2:r3-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F9451C7-6466-4AC9-9A7F-90A2817AED6C"}, {"criteria": "cpe:2.3:o:juniper:junos:18.2:r3-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "871CA952-C5EC-4A25-8EF0-C2EC484F7DE9"}, {"criteria": "cpe:2.3:o:juniper:junos:18.2:r3-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "80E2AD65-3DAC-4618-AB73-C43EDCDC7A13"}, {"criteria": "cpe:2.3:o:juniper:junos:18.2:r3-s4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B783A510-A694-4BF0-8995-F05507F75A90"}, {"criteria": "cpe:2.3:o:juniper:junos:18.3:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1BB9C2BB-D20B-41E9-B75F-7FAD9ECCDB99"}, {"criteria": "cpe:2.3:o:juniper:junos:18.3:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5342C3DC-D640-47AB-BD76-3444852988A2"}, {"criteria": "cpe:2.3:o:juniper:junos:18.3:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8AB8585E-EDC6-4400-BEE3-3A6A7C922C90"}, {"criteria": "cpe:2.3:o:juniper:junos:18.3:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A2ABC574-B3FC-4025-B50D-7F9EEB28C806"}, {"criteria": "cpe:2.3:o:juniper:junos:18.3:r1-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6F6EAFC3-C3AC-4361-8530-39FCF89702F7"}, {"criteria": "cpe:2.3:o:juniper:junos:18.3:r1-s4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "92FB1BF6-8852-45D8-817C-36CDBE730801"}, {"criteria": "cpe:2.3:o:juniper:junos:18.3:r1-s5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6B363298-315C-4FD5-9417-C5B82883A224"}, {"criteria": "cpe:2.3:o:juniper:junos:18.3:r1-s6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EB08FF7B-01F5-4A19-858E-E2CD19D61A62"}, {"criteria": "cpe:2.3:o:juniper:junos:18.3:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B7A3FBD3-5399-42A9-9BD9-E3C981CBD6DB"}, {"criteria": "cpe:2.3:o:juniper:junos:18.3:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4EBD361C-8B4D-43EF-8B82-9FE165D8206E"}, {"criteria": "cpe:2.3:o:juniper:junos:18.3:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6E7539C4-6208-43EB-9A0B-4852D0CE0FA1"}, {"criteria": "cpe:2.3:o:juniper:junos:18.3:r2-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "35299B02-DC75-458D-B86D-8A0DB95B06AA"}, {"criteria": "cpe:2.3:o:juniper:junos:18.3:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CFB29C9B-9729-43EB-AF98-AF44038DA711"}, {"criteria": "cpe:2.3:o:juniper:junos:18.3:r3-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2D1FB957-54C8-428E-BC8D-2802D7F6895F"}, {"criteria": "cpe:2.3:o:juniper:junos:18.3:r3-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A0BC4766-4BA4-4B02-A654-5C527EA66E9E"}, {"criteria": "cpe:2.3:o:juniper:junos:18.4:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "74CA9010-D3DE-487B-B46F-589A48AB0F0A"}, {"criteria": "cpe:2.3:o:juniper:junos:18.4:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A38F224C-8E9B-44F3-9D4F-6C9F04F57927"}, {"criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "853F146A-9A0F-49B6-AFD2-9907434212F1"}, {"criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8F73B88B-E66C-4ACD-B38D-9365FB230ABA"}, {"criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EE1F82EC-3222-4158-8923-59CDA1909A9C"}, {"criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8FE95D15-B5E5-4E74-9464-C72D8B646A6B"}, {"criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C012CD07-706A-4E1C-B399-C55AEF5C8309"}, {"criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A0C26E59-874A-4D87-9E7F-E366F4D65ED1"}, {"criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "75902119-60D0-49F8-8E01-666E0F75935A"}, {"criteria": "cpe:2.3:o:juniper:junos:18.4:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D59D7A31-128B-4034-862B-8EF3CE3EE949"}, {"criteria": "cpe:2.3:o:juniper:junos:18.4:r2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0C5E097B-B79E-4E6A-9291-C8CB9674FED5"}, {"criteria": "cpe:2.3:o:juniper:junos:18.4:r2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "819FA3ED-F934-4B20-BC0E-D638ACCB7787"}, {"criteria": "cpe:2.3:o:juniper:junos:18.4:r2-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3D7D773A-4988-4D7C-A105-1885EBE14426"}, {"criteria": "cpe:2.3:o:juniper:junos:18.4:r2-s4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1BD93674-9375-493E-BD6C-8AD41CC75DD4"}, {"criteria": "cpe:2.3:o:juniper:junos:18.4:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "736B7A9F-E237-45AF-A6D6-84412475F481"}, {"criteria": "cpe:2.3:o:juniper:junos:18.4:r3-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "62E63730-F697-4FE6-936B-FD9B4F22EAE8"}, {"criteria": "cpe:2.3:o:juniper:junos:18.4:r3-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "064A7052-4EF5-4BFB-88FF-8122AEECB6A7"}, {"criteria": "cpe:2.3:o:juniper:junos:18.4:r3-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "08C58CCB-3BAA-4400-B371-556DF46DE69C"}, {"criteria": "cpe:2.3:o:juniper:junos:19.1:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "768C0EB7-8456-4BF4-8598-3401A54D21DA"}, {"criteria": "cpe:2.3:o:juniper:junos:19.1:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5332B70A-F6B0-4C3B-90E2-5CBFB3326126"}, {"criteria": "cpe:2.3:o:juniper:junos:19.1:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "81439FE8-5405-45C2-BC04-9823D2009A77"}, {"criteria": "cpe:2.3:o:juniper:junos:19.1:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E506138D-043E-485D-B485-94A2AB75F8E7"}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0E7545CE-6300-4E81-B5AF-2BE150C1B190"}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4CA3060F-1800-4A06-A453-FB8CE4B65312"}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:r1-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9A5B337A-727C-4767-AD7B-E0F7F99EB46F"}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:r1-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "16FDE60B-7A99-4683-BC14-530B5B005F8B"}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:r1-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "725D8C27-E4F8-4394-B4EC-B49B6D3C2709"}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:r1-s4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8233C3AB-470E-4D13-9BFD-C9E90918FD0B"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:juniper:nfx150:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D9AE81FA-B0F3-4F0B-A2D1-2BB590345058"}, {"criteria": "cpe:2.3:h:juniper:nfx250:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7EB08A27-7777-4538-ADC4-9D2F89963C13"}, {"criteria": "cpe:2.3:h:juniper:nfx350:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6CB56048-A486-4A46-B438-CC3084BD9CB6"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "sirt@juniper.net"}