CVE-2024-47495

An Authorization Bypass Through User-Controlled Key vulnerability allows a locally authenticated attacker with shell access to gain full control of the device when Dual Routing Engines (REs) are in use on Juniper Networks Junos OS Evolved devices. This issue affects: Juniper Networks Junos OS Evolved with dual-REs: * All versions before 21.2R3-S8-EVO, * from 21.4-EVO before 21.4R3-S8-EVO, * from 22.2-EVO before 22.2R3-S4-EVO, * from 22.3-EVO before 22.3R3-S4-EVO, * from 22.4-EVO before 22.4R3-S3-EVO, * from 23.2-EVO before 23.2R2-S1-EVO, * from 23.4-EVO before 23.4R2-S1-EVO. This issue does not affect Juniper Networks Junos OS.

CVSS v3 6.7 MEDIUM

6.7^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 0.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://kb.juniper.net/JSA88122

Configurations

No configuration.

History

No history.

Information

Published : 2024-10-11 16:15

Updated : 2024-10-15 12:58

NVD link : CVE-2024-47495

Mitre link : CVE-2024-47495

CVE.ORG link : CVE-2024-47495

JSON object : View

Products Affected

No product.

CWE

CWE-639

Authorization Bypass Through User-Controlled Key

{"id": "CVE-2024-47495", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "sirt@juniper.net", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.7, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 0.8}], "cvssMetricV40": [{"type": "Secondary", "source": "sirt@juniper.net", "cvssData": {"safety": "NOT_DEFINED", "version": "4.0", "recovery": "USER", "baseScore": 8.4, "automatable": "YES", "attackVector": "LOCAL", "baseSeverity": "HIGH", "valueDensity": "CONCENTRATED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:C/RE:L/U:Green", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "GREEN", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "HIGH", "modifiedAttackVector": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subsequentSystemIntegrity": "NONE", "vulnerableSystemIntegrity": "HIGH", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "confidentialityRequirements": "NOT_DEFINED", "vulnerabilityResponseEffort": "LOW", "subsequentSystemAvailability": "NONE", "vulnerableSystemAvailability": "HIGH", "subsequentSystemConfidentiality": "NONE", "vulnerableSystemConfidentiality": "HIGH", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED"}}]}, "published": "2024-10-11T16:15:09.830", "references": [{"url": "https://kb.juniper.net/JSA88122", "source": "sirt@juniper.net"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "sirt@juniper.net", "description": [{"lang": "en", "value": "CWE-639"}]}], "descriptions": [{"lang": "en", "value": "An Authorization Bypass Through User-Controlled Key vulnerability allows a locally authenticated attacker with shell access to gain full control of the device when Dual Routing Engines (REs) are in use on Juniper Networks Junos OS Evolved devices.\n\nThis issue affects:\nJuniper Networks Junos OS Evolved with dual-REs:\n * All versions before 21.2R3-S8-EVO,\n * from 21.4-EVO before 21.4R3-S8-EVO,\n * from 22.2-EVO before 22.2R3-S4-EVO,\n * from 22.3-EVO before 22.3R3-S4-EVO,\n * from 22.4-EVO before 22.4R3-S3-EVO,\n * from 23.2-EVO before 23.2R2-S1-EVO,\n * from 23.4-EVO before 23.4R2-S1-EVO.\n\n\n\nThis issue does not affect Juniper Networks Junos OS."}, {"lang": "es", "value": "Una vulnerabilidad de omisi\u00f3n de autorizaci\u00f3n a trav\u00e9s de una clave controlada por el usuario permite que un atacante autenticado localmente con acceso al shell obtenga control total del dispositivo cuando se utilizan motores de enrutamiento dual (RE) en dispositivos Juniper Networks Junos OS Evolved. Este problema afecta a: Juniper Networks Junos OS Evolved con RE duales: * Todas las versiones anteriores a 21.2R3-S8-EVO, * desde 21.4-EVO hasta 21.4R3-S8-EVO, * desde 22.2-EVO hasta 22.2R3-S4-EVO, * desde 22.3-EVO hasta 22.3R3-S4-EVO, * desde 22.4-EVO hasta 22.4R3-S3-EVO, * desde 23.2-EVO hasta 23.2R2-S1-EVO, * desde 23.4-EVO hasta 23.4R2-S1-EVO. Este problema no afecta a Juniper Networks Junos OS."}], "lastModified": "2024-10-15T12:58:51.050", "sourceIdentifier": "sirt@juniper.net"}