CVE-2018-0024: Junos OS: A privilege escalation vulnerability exists where authenticated users with shell access can become root
First published: Wed Jul 11 2018(Updated: )
An Improper Privilege Management vulnerability in a shell session of Juniper Networks Junos OS allows an authenticated unprivileged attacker to gain full control of the system. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D45 on SRX Series; 12.3X48 versions prior to 12.3X48-D20 on SRX Series; 12.3 versions prior to 12.3R11 on EX Series; 14.1X53 versions prior to 14.1X53-D30 on EX2200/VC, EX3200, EX3300/VC, EX4200, EX4300, EX4550/VC, EX4600, EX6200, EX8200/VC (XRE), QFX3500, QFX3600, QFX5100;; 15.1X49 versions prior to 15.1X49-D20 on SRX Series.
Credit: sirt@juniper.net
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Juniper JUNOS | =12.1x46 | |
| Juniper JUNOS | =12.1x46-d10 | |
| Juniper JUNOS | =12.1x46-d15 | |
| Juniper JUNOS | =12.1x46-d20 | |
| Juniper JUNOS | =12.1x46-d25 | |
| Juniper JUNOS | =12.1x46-d30 | |
| Juniper JUNOS | =12.1x46-d35 | |
| Juniper JUNOS | =12.1x46-d40 | |
| Juniper Srx100 | ||
| Juniper Srx110 | ||
| Juniper Srx1400 | ||
| Juniper Srx1500 | ||
| Juniper Srx210 | ||
| Juniper Srx220 | ||
| Juniper Srx240 | ||
| Juniper Srx300 | ||
| Juniper Srx320 | ||
| Juniper Srx340 | ||
| Juniper Srx3400 | ||
| Juniper Srx345 | ||
| Juniper Srx3600 | ||
| Juniper Srx4100 | ||
| Juniper Srx4200 | ||
| Juniper Srx5400 | ||
| Juniper Srx550 | ||
| Juniper Srx5600 | ||
| Juniper Srx5800 | ||
| Juniper Srx650 | ||
| Juniper JUNOS | =12.3x48 | |
| Juniper JUNOS | =12.3x48-d10 | |
| Juniper JUNOS | =12.3x48-d15 | |
| Juniper JUNOS | =12.3 | |
| Juniper JUNOS | =12.3-r1 | |
| Juniper JUNOS | =12.3-r10 | |
| Juniper JUNOS | =12.3-r2 | |
| Juniper JUNOS | =12.3-r3 | |
| Juniper JUNOS | =12.3-r4 | |
| Juniper JUNOS | =12.3-r5 | |
| Juniper JUNOS | =12.3-r6 | |
| Juniper JUNOS | =12.3-r7 | |
| Juniper JUNOS | =12.3-r8 | |
| Juniper JUNOS | =12.3-r9 | |
| Juniper Ex Rps | ||
| Juniper Ex2200 | ||
| Juniper Ex2200-c | ||
| Juniper Ex2300 | ||
| Juniper Ex2300-c | ||
| Juniper Ex3300 | ||
| Juniper Ex3400 | ||
| Juniper Ex4200 | ||
| Juniper Ex4300 | ||
| Juniper Ex4550 | ||
| Juniper EX4600 | ||
| Juniper Ex9200 | ||
| Juniper JUNOS | =14.1x53 | |
| Juniper JUNOS | =14.1x53-d10 | |
| Juniper JUNOS | =14.1x53-d15 | |
| Juniper JUNOS | =14.1x53-d16 | |
| Juniper JUNOS | =14.1x53-d25 | |
| Juniper JUNOS | =14.1x53-d26 | |
| Juniper JUNOS | =14.1x53-d27 | |
| Juniper Ex2200\/vc | ||
| Juniper Ex3200 | ||
| Juniper Ex3300\/vc | ||
| Juniper Ex4550\/vc | ||
| Juniper Ex6200 | ||
| Juniper Ex8200\/vc \(xre\) | ||
| Juniper Qfx3500 | ||
| Juniper Qfx3600 | ||
| Juniper Qfx5100 | ||
| Juniper JUNOS | =15.1x49 | |
| Juniper JUNOS | =15.1x49-d10 |
Remedy
The following software releases have been updated to resolve this specific issue: Junos OS 12.1X46-D45, 12.3X48-D20, 12.3R11, 14.1X53-D30, 15.1X49-D20 and all subsequent releases.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/remedy
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/title
- agent/description
- agent/first-publish-date
- agent/event
- agent/tags
- vendor/juniper
- canonical/juniper junos
- version/juniper junos/12.1x46
- version/juniper junos/12.1x46-d10
- version/juniper junos/12.1x46-d15
- version/juniper junos/12.1x46-d20
- version/juniper junos/12.1x46-d25
- version/juniper junos/12.1x46-d30
- version/juniper junos/12.1x46-d35
- version/juniper junos/12.1x46-d40
- canonical/juniper srx100
- canonical/juniper srx110
- canonical/juniper srx1400
- canonical/juniper srx1500
- canonical/juniper srx210
- canonical/juniper srx220
- canonical/juniper srx240
- canonical/juniper srx300
- canonical/juniper srx320
- canonical/juniper srx340
- canonical/juniper srx3400
- canonical/juniper srx345
- canonical/juniper srx3600
- canonical/juniper srx4100
- canonical/juniper srx4200
- canonical/juniper srx5400
- canonical/juniper srx550
- canonical/juniper srx5600
- canonical/juniper srx5800
- canonical/juniper srx650
- version/juniper junos/12.3x48
- version/juniper junos/12.3x48-d10
- version/juniper junos/12.3x48-d15
- version/juniper junos/12.3
- version/juniper junos/12.3-r1
- version/juniper junos/12.3-r10
- version/juniper junos/12.3-r2
- version/juniper junos/12.3-r3
- version/juniper junos/12.3-r4
- version/juniper junos/12.3-r5
- version/juniper junos/12.3-r6
- version/juniper junos/12.3-r7
- version/juniper junos/12.3-r8
- version/juniper junos/12.3-r9
- canonical/juniper ex rps
- canonical/juniper ex2200
- canonical/juniper ex2200-c
- canonical/juniper ex2300
- canonical/juniper ex2300-c
- canonical/juniper ex3300
- canonical/juniper ex3400
- canonical/juniper ex4200
- canonical/juniper ex4300
- canonical/juniper ex4550
- canonical/juniper ex4600
- canonical/juniper ex9200
- version/juniper junos/14.1x53
- version/juniper junos/14.1x53-d10
- version/juniper junos/14.1x53-d15
- version/juniper junos/14.1x53-d16
- version/juniper junos/14.1x53-d25
- version/juniper junos/14.1x53-d26
- version/juniper junos/14.1x53-d27
- canonical/juniper ex2200\/vc
- canonical/juniper ex3200
- canonical/juniper ex3300\/vc
- canonical/juniper ex4550\/vc
- canonical/juniper ex6200
- canonical/juniper ex8200\/vc \(xre\)
- canonical/juniper qfx3500
- canonical/juniper qfx3600
- canonical/juniper qfx5100
- version/juniper junos/15.1x49
- version/juniper junos/15.1x49-d10