CVE-2024-21615

Summary

An Incorrect Default Permissions vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker to access confidential information on the system.

On all Junos OS and Junos OS Evolved platforms, when NETCONF traceoptions are configured, and a super-user performs specific actions via NETCONF, then a low-privileged user can access sensitive information compromising the confidentiality of the system. This issue affects:

Junos OS:

  • all versions before 21.2R3-S7, 

  • from 21.4 before 21.4R3-S5, 

  • from 22.1 before 22.1R3-S5, 

  • from 22.2 before 22.2R3-S3, 

  • from 22.3 before 22.3R3-S2, 

  • from 22.4 before 22.4R3, 

  • from 23.2 before 23.2R1-S2.

Junos OS Evolved: 

  • all versions before 21.2R3-S7-EVO, 

  • from 21.3 before 21.3R3-S5-EVO, 

  • from 21.4 before 21.4R3-S5-EVO, 

  • from 22.1 before 22.1R3-S5-EVO, 

  • from 22.2 before 22.2R3-S3-EVO, 

  • from 22.3 before 22.3R3-S2-EVO,

  • from 22.4 before 22.4R3-EVO, 

  • from 23.2 before 23.2R1-S2.

Affected Software

VendorProductVersion RangeStatus
Juniper NetworksJunos OS0 < 21.2R3-S7affected
Juniper NetworksJunos OS21.4 < 21.4R3-S5affected
Juniper NetworksJunos OS22.1 < 22.1R3-S5affected
Juniper NetworksJunos OS22.2 < 22.2R3-S3affected
Juniper NetworksJunos OS22.3 < 22.3R3-S2affected
Juniper NetworksJunos OS22.4 < 22.4R3affected
Juniper NetworksJunos OS23.2 < 23.2R1-S2affected
Juniper NetworksJunos OS Evolved0 < 21.2R3-S7-EVOaffected
Juniper NetworksJunos OS Evolved21.3-EVO < 21.3R3-S5-EVOaffected
Juniper NetworksJunos OS Evolved21.4-EVO < 21.4R3-S5-EVOaffected
Juniper NetworksJunos OS Evolved22.1-EVO < 22.1R3-S5-EVOaffected
Juniper NetworksJunos OS Evolved22.2-EVO < 22.2R3-S3-EVOaffected
Juniper NetworksJunos OS Evolved22.3-EVO < 22.3R3-S2-EVOaffected
Juniper NetworksJunos OS Evolved22.4-EVO < 22.4R3-EVOaffected
Juniper NetworksJunos OS Evolved23.2-EVO < 23.2R1-S2affected

Weaknesses

  • CWE-276: CWE-276 Incorrect Default Permissions

Workarounds

To reduce the risk of exploitation, enable access control lists (ACLs) and other filtering mechanisms to limit access to the device only from trusted hosts and networks to the NETCONF service.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References