Details of VAR-202101-1387

ID

VAR-202101-1387

CVE

CVE-2021-0223

TITLE

Juniper Networks Junos OS Vulnerability in privilege management

Trust: 0.8

sources: JVNDB: JVNDB-2021-002459

DESCRIPTION

A local privilege escalation vulnerability in telnetd.real of Juniper Networks Junos OS may allow a locally authenticated shell user to escalate privileges and execute arbitrary commands as root. telnetd.real is shipped with setuid permissions enabled and is owned by the root user, allowing local users to run telnetd.real with root privileges. This issue affects Juniper Networks Junos OS: all versions prior to 15.1R7-S9; 17.3 versions prior to 17.3R3-S11; 17.4 versions prior to 17.4R2-S12, 17.4R3-S3; 18.1 versions prior to 18.1R3-S11; 18.2 versions prior to 18.2R3-S6; 18.3 versions prior to 18.3R2-S4, 18.3R3-S4; 18.4 versions prior to 18.4R2-S7, 18.4R3-S6; 19.1 versions prior to 19.1R2-S2, 19.1R3-S4; 19.2 versions prior to 19.2R1-S6, 19.2R3-S1; 19.3 versions prior to 19.3R3-S1; 19.4 versions prior to 19.4R2-S2, 19.4R3; 20.1 versions prior to 20.1R1-S4, 20.1R2; 20.2 versions prior to 20.2R2. Juniper Networks Junos OS Contains a privilege management vulnerability.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. Juniper Networks Junos OS is a set of network operating system of Juniper Networks (Juniper Networks) dedicated to the company's hardware equipment. The operating system provides a secure programming interface and Junos SDK

Trust: 1.8

sources: NVD: CVE-2021-0223 // JVNDB: JVNDB-2021-002459 // VULHUB: VHN-372125 // VULMON: CVE-2021-0223

AFFECTED PRODUCTS

vendor:	juniper	model:	junos	scope:	eq	version:	17.3	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	18.1	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	17.4	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	15.1	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	18.2	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	20.1	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	19.4	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	19.1	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	20.2	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	18.4	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	19.2	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	19.3	Trust: 1.0
vendor:	juniper	model:	junos	scope:	eq	version:	18.3	Trust: 1.0
vendor:	ジュニパーネットワークス	model:	junos os	scope:	eq	version:	-	Trust: 0.8
vendor:	ジュニパーネットワークス	model:	junos os	scope:	-	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2021-002459 // NVD: CVE-2021-0223

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2021-0223
value:	HIGH
Trust: 1.0
sirt@juniper.net:	CVE-2021-0223
value:	HIGH
Trust: 1.0
NVD:	CVE-2021-0223
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202101-1123
value:	HIGH
Trust: 0.6
VULHUB:	VHN-372125
value:	HIGH
Trust: 0.1
VULMON:	CVE-2021-0223
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2021-0223
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-372125
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sirt@juniper.net:	CVE-2021-0223
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 1.0
OTHER:	JVNDB-2021-002459
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-372125 // VULMON: CVE-2021-0223 // JVNDB: JVNDB-2021-002459 // CNNVD: CNNVD-202101-1123 // NVD: CVE-2021-0223 // NVD: CVE-2021-0223

PROBLEMTYPE DATA

problemtype:	CWE-269	Trust: 1.1
problemtype:	CWE-250	Trust: 1.0
problemtype:	Improper authority management (CWE-269) [NVD Evaluation ]	Trust: 0.8

sources: VULHUB: VHN-372125 // JVNDB: JVNDB-2021-002459 // NVD: CVE-2021-0223

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202101-1123

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-202101-1123

PATCH

title:	JSA11114	url:	https://kb.juniper.net/JSA11114	Trust: 0.8
title:	Juniper Networks Junos OS Remediation measures for authorization problem vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=139560	Trust: 0.6
title:	主流供应商的一些攻击性漏洞汇总	url:	https://github.com/r0eXpeR/supplier	Trust: 0.1

sources: VULMON: CVE-2021-0223 // JVNDB: JVNDB-2021-002459 // CNNVD: CNNVD-202101-1123

EXTERNAL IDS

db:	NVD	id:	CVE-2021-0223	Trust: 2.6
db:	JUNIPER	id:	JSA11114	Trust: 1.8
db:	JVNDB	id:	JVNDB-2021-002459	Trust: 0.8
db:	CNNVD	id:	CNNVD-202101-1123	Trust: 0.7
db:	AUSCERT	id:	ESB-2021.0177	Trust: 0.6
db:	AUSCERT	id:	ESB-2021.0177.2	Trust: 0.6
db:	VULHUB	id:	VHN-372125	Trust: 0.1
db:	VULMON	id:	CVE-2021-0223	Trust: 0.1

sources: VULHUB: VHN-372125 // VULMON: CVE-2021-0223 // JVNDB: JVNDB-2021-002459 // CNNVD: CNNVD-202101-1123 // NVD: CVE-2021-0223

REFERENCES

url:	https://kb.juniper.net/jsa11114	Trust: 1.8
url:	https://nvd.nist.gov/vuln/detail/cve-2021-0223	Trust: 1.4
url:	https://vigilance.fr/vulnerability/junos-os-privilege-escalation-via-suid-binaries-34338	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.0177/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2021.0177.2/	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/269.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://github.com/r0exper/supplier	Trust: 0.1

sources: VULHUB: VHN-372125 // VULMON: CVE-2021-0223 // JVNDB: JVNDB-2021-002459 // CNNVD: CNNVD-202101-1123 // NVD: CVE-2021-0223

SOURCES

db:	VULHUB	id:	VHN-372125
db:	VULMON	id:	CVE-2021-0223
db:	JVNDB	id:	JVNDB-2021-002459
db:	CNNVD	id:	CNNVD-202101-1123
db:	NVD	id:	CVE-2021-0223

LAST UPDATE DATE

2024-08-14T13:54:16.959000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-372125	date:	2022-09-20T00:00:00
db:	VULMON	id:	CVE-2021-0223	date:	2022-09-20T00:00:00
db:	JVNDB	id:	JVNDB-2021-002459	date:	2021-09-16T08:59:00
db:	CNNVD	id:	CNNVD-202101-1123	date:	2021-02-01T00:00:00
db:	NVD	id:	CVE-2021-0223	date:	2022-09-20T17:15:30.870

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-372125	date:	2021-01-15T00:00:00
db:	VULMON	id:	CVE-2021-0223	date:	2021-01-15T00:00:00
db:	JVNDB	id:	JVNDB-2021-002459	date:	2021-09-16T00:00:00
db:	CNNVD	id:	CNNVD-202101-1123	date:	2021-01-13T00:00:00
db:	NVD	id:	CVE-2021-0223	date:	2021-01-15T18:15:15.900