Junos Exclusive Edit Mode Privilege Escalation Vulnerability
Information
Severity
Family
CVSSv2 Base
CVSSv2 Vector
Solution Type
Created
Modified
Summary
Privilege Escalation in exclusive edit mode
Insight
An escalation of privileges can occur when the 'load factory-default' command fails while in exclusive edit mode. When the load command fails, the user is no longer subject to any command and/or configuration restrictions. The escalation is limited to authenticated users with the ability to edit the configuration in the first place. The privilege bypass is specific to configured classes of CLI users with restrictions such as 'allow-commands', 'deny-commands', and 'deny-configuration'.
Affected Software
Junos OS 10.0, 10.4, 11.2, 11.3, 11.4 and 12.1.
Detection Method
Checks if a vulnerable OS build is present on the target host.
Solution
New builds of Junos OS software are available from Juniper. As a workaround, deny access to the 'load factory-default' command.