Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
CVE-2021-0278
CVE information
Published
Last Modified
CVSSv2.0 Severity
CVSSv3.1 Severity
Impact Analysis
Description
An Improper Input Validation vulnerability in J-Web of Juniper Networks Junos OS allows a locally authenticated attacker to escalate their privileges to root over the target device. junos:18.3R3-S5 junos:18.4R3-S9 junos:19.1R3-S6 junos:19.3R2-S6 junos:19.3R3-S3 junos:19.4R1-S4 junos:19.4R3-S4 junos:20.1R2-S2 junos:20.1R3 junos:20.2R3-S1 junos:20.3X75-D20 junos:20.3X75-D30 junos:20.4R2-S1 junos:20.4R3 junos:21.1R1-S1 junos:21.1R2 junos:21.2R1 junos:21.3R1 This issue affects: Juniper Networks Junos OS 19.3 versions 19.3R1 and above prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R3-S5; 20.1 versions prior to 20.1R2-S2, 20.1R3-S1; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R2-S1, 20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2. This issue does not affect Juniper Networks Junos OS versions prior to 19.3R1..
CVSSv2.0 Score
- Severity
- High
- Base Score
- 7.2/10
- Exploit Score
- 3.9/10
- Access Vector
- Local
- Access Complexity
- Low
- Authentication Required
- None
- Impact Score
- 10/10
- Confidentiality Impact
- Complete
- Availability Impact
- Complete
- Integrity Impact
- Complete
CVSSv3.1 Score
- Severity
- High
- Base Score
- 7.8/10
- Exploit Score
- 1.8/10
- Access Vector
- Local
- Access Complexity
- Low
- Privileges Required
- Low
- Impact Score
- 5.9/10
- Confidentiality Impact
- High
- Availability Impact
- High
- Integrity Impact
- High
- Scope
- Unchanged
- User Interaction
- None
Products Affected
| CPE | Affected | Vulnerable | Excluding | Edit |
|---|---|---|---|---|
| cpe:2.3:o:juniper:junos:19.3:r1:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:juniper:junos:19.4:r1:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:juniper:junos:19.3:r2:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:juniper:junos:19.3:r2-s1:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:juniper:junos:19.3:r1-s1:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:juniper:junos:20.1:r1:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:juniper:junos:19.4:r1-s1:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:juniper:junos:19.3:r2-s2:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:juniper:junos:19.4:r1-s2:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:juniper:junos:20.1:r1-s1:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:juniper:junos:20.2:r1:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:juniper:junos:20.1:r1-s2:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:juniper:junos:20.1:r1-s3:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:juniper:junos:19.4:r2:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:juniper:junos:19.4:r2-s1:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:juniper:junos:19.3:r2-s3:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:juniper:junos:19.3:r2-s4:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:juniper:junos:20.2:r1-s1:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:juniper:junos:20.2:r1-s2:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:juniper:junos:19.4:r2-s2:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:juniper:junos:19.4:r3:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:juniper:junos:19.3:r2-s5:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:juniper:junos:19.3:r3:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:juniper:junos:20.3:r1:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:juniper:junos:20.1:r1-s4:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:juniper:junos:20.3:r1-s1:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:juniper:junos:20.2:r1-s3:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:juniper:junos:19.4:r3-s1:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:juniper:junos:19.4:r2-s3:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:juniper:junos:20.2:r2:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:juniper:junos:20.2:r2-s1:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:juniper:junos:19.4:r1-s3:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:juniper:junos:20.2:r2-s2:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:juniper:junos:20.1:r2:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:juniper:junos:20.1:r2-s1:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:juniper:junos:20.2:r2-s3:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:juniper:junos:20.3:r2:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:juniper:junos:19.3:r3-s1:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:juniper:junos:21.1:r1:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:juniper:junos:20.4:r2:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:juniper:junos:20.3:r2-s1:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:juniper:junos:20.2:r3:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:juniper:junos:20.2:r3-s1:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:juniper:junos:20.1:r3:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:juniper:junos:19.4:r3-s2:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:juniper:junos:19.4:r3-s3:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:juniper:junos:19.4:r3-s4:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:o:juniper:junos:19.3:r3-s2:*:*:*:*:*:* |
Yes
|
- | - |