CVE-2021-31385: Junos OS: J-Web: A path traversal vulnerability allows an authenticated attacker to elevate their privileges to root
First published: Tue Oct 19 2021(Updated: )
An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in J-Web of Juniper Networks Junos OS allows any low-privileged authenticated attacker to elevate their privileges to root. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S19; 15.1 versions prior to 15.1R7-S10; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R3-S9; 19.1 versions prior to 19.1R3-S6; 19.2 versions prior to 19.2R1-S7, 19.2R3-S3; 19.3 versions prior to 19.3R3-S3; 19.4 versions prior to 19.4R3-S5; 20.1 versions prior to 20.1R2-S2, 20.1R3-S1; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R2-S1, 20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2.
Credit: sirt@juniper.net
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Juniper JUNOS | =12.3 | |
| Juniper JUNOS | =12.3-r1 | |
| Juniper JUNOS | =12.3-r10 | |
| Juniper JUNOS | =12.3-r10-s1 | |
| Juniper JUNOS | =12.3-r10-s2 | |
| Juniper JUNOS | =12.3-r11 | |
| Juniper JUNOS | =12.3-r12 | |
| Juniper JUNOS | =12.3-r12-s1 | |
| Juniper JUNOS | =12.3-r12-s10 | |
| Juniper JUNOS | =12.3-r12-s11 | |
| Juniper JUNOS | =12.3-r12-s12 | |
| Juniper JUNOS | =12.3-r12-s13 | |
| Juniper JUNOS | =12.3-r12-s14 | |
| Juniper JUNOS | =12.3-r12-s15 | |
| Juniper JUNOS | =12.3-r12-s16 | |
| Juniper JUNOS | =12.3-r12-s17 | |
| Juniper JUNOS | =12.3-r12-s18 | |
| Juniper JUNOS | =12.3-r12-s3 | |
| Juniper JUNOS | =12.3-r12-s4 | |
| Juniper JUNOS | =12.3-r12-s6 | |
| Juniper JUNOS | =12.3-r12-s8 | |
| Juniper JUNOS | =12.3-r2 | |
| Juniper JUNOS | =12.3-r3 | |
| Juniper JUNOS | =12.3-r4 | |
| Juniper JUNOS | =12.3-r5 | |
| Juniper JUNOS | =12.3-r6 | |
| Juniper JUNOS | =12.3-r7 | |
| Juniper JUNOS | =12.3-r8 | |
| Juniper JUNOS | =12.3-r9 | |
| Juniper JUNOS | =15.1 | |
| Juniper JUNOS | =15.1-a1 | |
| Juniper JUNOS | =15.1-f | |
| Juniper JUNOS | =15.1-f1 | |
| Juniper JUNOS | =15.1-f2 | |
| Juniper JUNOS | =15.1-f2-s1 | |
| Juniper JUNOS | =15.1-f2-s2 | |
| Juniper JUNOS | =15.1-f2-s3 | |
| Juniper JUNOS | =15.1-f2-s4 | |
| Juniper JUNOS | =15.1-f3 | |
| Juniper JUNOS | =15.1-f4 | |
| Juniper JUNOS | =15.1-f5 | |
| Juniper JUNOS | =15.1-f5-s7 | |
| Juniper JUNOS | =15.1-f6 | |
| Juniper JUNOS | =15.1-f6-s1 | |
| Juniper JUNOS | =15.1-f6-s10 | |
| Juniper JUNOS | =15.1-f6-s12 | |
| Juniper JUNOS | =15.1-f6-s2 | |
| Juniper JUNOS | =15.1-f6-s3 | |
| Juniper JUNOS | =15.1-f6-s4 | |
| Juniper JUNOS | =15.1-f6-s5 | |
| Juniper JUNOS | =15.1-f6-s6 | |
| Juniper JUNOS | =15.1-f6-s7 | |
| Juniper JUNOS | =15.1-f6-s8 | |
| Juniper JUNOS | =15.1-f6-s9 | |
| Juniper JUNOS | =15.1-f7 | |
| Juniper JUNOS | =15.1-r | |
| Juniper JUNOS | =15.1-r1 | |
| Juniper JUNOS | =15.1-r2 | |
| Juniper JUNOS | =15.1-r3 | |
| Juniper JUNOS | =15.1-r4 | |
| Juniper JUNOS | =15.1-r4-s7 | |
| Juniper JUNOS | =15.1-r4-s8 | |
| Juniper JUNOS | =15.1-r4-s9 | |
| Juniper JUNOS | =15.1-r5 | |
| Juniper JUNOS | =15.1-r5-s1 | |
| Juniper JUNOS | =15.1-r5-s3 | |
| Juniper JUNOS | =15.1-r5-s5 | |
| Juniper JUNOS | =15.1-r5-s6 | |
| Juniper JUNOS | =15.1-r6 | |
| Juniper JUNOS | =15.1-r6-s1 | |
| Juniper JUNOS | =15.1-r6-s2 | |
| Juniper JUNOS | =15.1-r6-s3 | |
| Juniper JUNOS | =15.1-r6-s4 | |
| Juniper JUNOS | =15.1-r6-s6 | |
| Juniper JUNOS | =15.1-r7 | |
| Juniper JUNOS | =15.1-r7-s1 | |
| Juniper JUNOS | =15.1-r7-s2 | |
| Juniper JUNOS | =15.1-r7-s3 | |
| Juniper JUNOS | =15.1-r7-s4 | |
| Juniper JUNOS | =15.1-r7-s5 | |
| Juniper JUNOS | =15.1-r7-s6 | |
| Juniper JUNOS | =15.1-r7-s7 | |
| Juniper JUNOS | =15.1-r7-s8 | |
| Juniper JUNOS | =15.1-r7-s9 | |
| Juniper JUNOS | =18.3 | |
| Juniper JUNOS | =18.3-r1 | |
| Juniper JUNOS | =18.3-r1-s1 | |
| Juniper JUNOS | =18.3-r1-s2 | |
| Juniper JUNOS | =18.3-r1-s3 | |
| Juniper JUNOS | =18.3-r1-s4 | |
| Juniper JUNOS | =18.3-r1-s5 | |
| Juniper JUNOS | =18.3-r1-s6 | |
| Juniper JUNOS | =18.3-r2 | |
| Juniper JUNOS | =18.3-r2-s1 | |
| Juniper JUNOS | =18.3-r2-s2 | |
| Juniper JUNOS | =18.3-r2-s3 | |
| Juniper JUNOS | =18.3-r2-s4 | |
| Juniper JUNOS | =18.3-r3 | |
| Juniper JUNOS | =18.3-r3-s1 | |
| Juniper JUNOS | =18.3-r3-s2 | |
| Juniper JUNOS | =18.3-r3-s3 | |
| Juniper JUNOS | =18.3-r3-s4 | |
| Juniper JUNOS | =18.4 | |
| Juniper JUNOS | =18.4-r1 | |
| Juniper JUNOS | =18.4-r1-s1 | |
| Juniper JUNOS | =18.4-r1-s2 | |
| Juniper JUNOS | =18.4-r1-s3 | |
| Juniper JUNOS | =18.4-r1-s4 | |
| Juniper JUNOS | =18.4-r1-s5 | |
| Juniper JUNOS | =18.4-r1-s6 | |
| Juniper JUNOS | =18.4-r1-s7 | |
| Juniper JUNOS | =18.4-r2 | |
| Juniper JUNOS | =18.4-r2-s1 | |
| Juniper JUNOS | =18.4-r2-s2 | |
| Juniper JUNOS | =18.4-r2-s3 | |
| Juniper JUNOS | =18.4-r2-s4 | |
| Juniper JUNOS | =18.4-r2-s5 | |
| Juniper JUNOS | =18.4-r2-s6 | |
| Juniper JUNOS | =18.4-r2-s7 | |
| Juniper JUNOS | =18.4-r2-s8 | |
| Juniper JUNOS | =18.4-r3 | |
| Juniper JUNOS | =18.4-r3-s1 | |
| Juniper JUNOS | =18.4-r3-s2 | |
| Juniper JUNOS | =18.4-r3-s3 | |
| Juniper JUNOS | =18.4-r3-s4 | |
| Juniper JUNOS | =18.4-r3-s5 | |
| Juniper JUNOS | =18.4-r3-s6 | |
| Juniper JUNOS | =18.4-r3-s7 | |
| Juniper JUNOS | =18.4-r3-s8 | |
| Juniper JUNOS | =19.1 | |
| Juniper JUNOS | =19.1-r1 | |
| Juniper JUNOS | =19.1-r1-s1 | |
| Juniper JUNOS | =19.1-r1-s2 | |
| Juniper JUNOS | =19.1-r1-s3 | |
| Juniper JUNOS | =19.1-r1-s4 | |
| Juniper JUNOS | =19.1-r1-s5 | |
| Juniper JUNOS | =19.1-r1-s6 | |
| Juniper JUNOS | =19.1-r2 | |
| Juniper JUNOS | =19.1-r2-s1 | |
| Juniper JUNOS | =19.1-r2-s2 | |
| Juniper JUNOS | =19.1-r3 | |
| Juniper JUNOS | =19.1-r3-s1 | |
| Juniper JUNOS | =19.1-r3-s2 | |
| Juniper JUNOS | =19.1-r3-s3 | |
| Juniper JUNOS | =19.1-r3-s4 | |
| Juniper JUNOS | =19.1-r3-s5 | |
| Juniper JUNOS | =19.2 | |
| Juniper JUNOS | =19.2-r1 | |
| Juniper JUNOS | =19.2-r1-s1 | |
| Juniper JUNOS | =19.2-r1-s2 | |
| Juniper JUNOS | =19.2-r1-s3 | |
| Juniper JUNOS | =19.2-r1-s4 | |
| Juniper JUNOS | =19.2-r1-s5 | |
| Juniper JUNOS | =19.2-r1-s6 | |
| Juniper JUNOS | =19.2-r2 | |
| Juniper JUNOS | =19.2-r2-s1 | |
| Juniper JUNOS | =19.2-r3 | |
| Juniper JUNOS | =19.2-r3-s1 | |
| Juniper JUNOS | =19.2-r3-s2 | |
| Juniper JUNOS | =19.3 | |
| Juniper JUNOS | =19.3-r1 | |
| Juniper JUNOS | =19.3-r1-s1 | |
| Juniper JUNOS | =19.3-r2 | |
| Juniper JUNOS | =19.3-r2-s1 | |
| Juniper JUNOS | =19.3-r2-s2 | |
| Juniper JUNOS | =19.3-r2-s3 | |
| Juniper JUNOS | =19.3-r2-s4 | |
| Juniper JUNOS | =19.3-r2-s5 | |
| Juniper JUNOS | =19.3-r3 | |
| Juniper JUNOS | =19.3-r3-s1 | |
| Juniper JUNOS | =19.3-r3-s2 | |
| Juniper JUNOS | =19.4-r1 | |
| Juniper JUNOS | =19.4-r1-s1 | |
| Juniper JUNOS | =19.4-r1-s2 | |
| Juniper JUNOS | =19.4-r1-s3 | |
| Juniper JUNOS | =19.4-r2 | |
| Juniper JUNOS | =19.4-r2-s1 | |
| Juniper JUNOS | =19.4-r2-s2 | |
| Juniper JUNOS | =19.4-r2-s3 | |
| Juniper JUNOS | =19.4-r2-s4 | |
| Juniper JUNOS | =19.4-r3 | |
| Juniper JUNOS | =19.4-r3-s1 | |
| Juniper JUNOS | =19.4-r3-s2 | |
| Juniper JUNOS | =19.4-r3-s3 | |
| Juniper JUNOS | =19.4-r3-s4 | |
| Juniper JUNOS | =20.1-r1 | |
| Juniper JUNOS | =20.1-r1-s1 | |
| Juniper JUNOS | =20.1-r1-s2 | |
| Juniper JUNOS | =20.1-r1-s3 | |
| Juniper JUNOS | =20.1-r1-s4 | |
| Juniper JUNOS | =20.1-r2 | |
| Juniper JUNOS | =20.1-r2-s1 | |
| Juniper JUNOS | =20.1-r3 | |
| Juniper JUNOS | =20.2-r1 | |
| Juniper JUNOS | =20.2-r1-s1 | |
| Juniper JUNOS | =20.2-r1-s2 | |
| Juniper JUNOS | =20.2-r1-s3 | |
| Juniper JUNOS | =20.2-r2 | |
| Juniper JUNOS | =20.2-r2-s1 | |
| Juniper JUNOS | =20.2-r2-s2 | |
| Juniper JUNOS | =20.2-r2-s3 | |
| Juniper JUNOS | =20.2-r3 | |
| Juniper JUNOS | =20.2-r3-s1 | |
| Juniper JUNOS | =20.3-r1 | |
| Juniper JUNOS | =20.3-r1-s1 | |
| Juniper JUNOS | =20.3-r2 | |
| Juniper JUNOS | =20.3-r2-s1 | |
| Juniper JUNOS | =20.4-r1 | |
| Juniper JUNOS | =20.4-r1-s1 | |
| Juniper JUNOS | =20.4-r2 | |
| Juniper JUNOS | =21.1-r1 |
Remedy
The following software releases have been updated to resolve this specific issue: 12.3R12-S19, 15.1R7-S10, 18.3R3-S5, 18.4R3-S9, 19.1R3-S6, 19.2R1-S7, 19.2R3-S3, 19.3R3-S3, 19.4R3-S5, 20.1R2-S2, 20.1R3-S1, 20.2R3-S2, 20.3R3, 20.4R2-S1, 20.4R3, 21.1R1-S1, 21.1R2, 21.2R1, and all subsequent releases.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/author
- agent/weakness
- agent/references
- agent/title
- agent/severity
- agent/remedy
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- vendor/juniper
- canonical/juniper junos
- version/juniper junos/12.3
- version/juniper junos/12.3-r1
- version/juniper junos/12.3-r10
- version/juniper junos/12.3-r10-s1
- version/juniper junos/12.3-r10-s2
- version/juniper junos/12.3-r11
- version/juniper junos/12.3-r12
- version/juniper junos/12.3-r12-s1
- version/juniper junos/12.3-r12-s10
- version/juniper junos/12.3-r12-s11
- version/juniper junos/12.3-r12-s12
- version/juniper junos/12.3-r12-s13
- version/juniper junos/12.3-r12-s14
- version/juniper junos/12.3-r12-s15
- version/juniper junos/12.3-r12-s16
- version/juniper junos/12.3-r12-s17
- version/juniper junos/12.3-r12-s18
- version/juniper junos/12.3-r12-s3
- version/juniper junos/12.3-r12-s4
- version/juniper junos/12.3-r12-s6
- version/juniper junos/12.3-r12-s8
- version/juniper junos/12.3-r2
- version/juniper junos/12.3-r3
- version/juniper junos/12.3-r4
- version/juniper junos/12.3-r5
- version/juniper junos/12.3-r6
- version/juniper junos/12.3-r7
- version/juniper junos/12.3-r8
- version/juniper junos/12.3-r9
- version/juniper junos/15.1
- version/juniper junos/15.1-a1
- version/juniper junos/15.1-f
- version/juniper junos/15.1-f1
- version/juniper junos/15.1-f2
- version/juniper junos/15.1-f2-s1
- version/juniper junos/15.1-f2-s2
- version/juniper junos/15.1-f2-s3
- version/juniper junos/15.1-f2-s4
- version/juniper junos/15.1-f3
- version/juniper junos/15.1-f4
- version/juniper junos/15.1-f5
- version/juniper junos/15.1-f5-s7
- version/juniper junos/15.1-f6
- version/juniper junos/15.1-f6-s1
- version/juniper junos/15.1-f6-s10
- version/juniper junos/15.1-f6-s12
- version/juniper junos/15.1-f6-s2
- version/juniper junos/15.1-f6-s3
- version/juniper junos/15.1-f6-s4
- version/juniper junos/15.1-f6-s5
- version/juniper junos/15.1-f6-s6
- version/juniper junos/15.1-f6-s7
- version/juniper junos/15.1-f6-s8
- version/juniper junos/15.1-f6-s9
- version/juniper junos/15.1-f7
- version/juniper junos/15.1-r
- version/juniper junos/15.1-r1
- version/juniper junos/15.1-r2
- version/juniper junos/15.1-r3
- version/juniper junos/15.1-r4
- version/juniper junos/15.1-r4-s7
- version/juniper junos/15.1-r4-s8
- version/juniper junos/15.1-r4-s9
- version/juniper junos/15.1-r5
- version/juniper junos/15.1-r5-s1
- version/juniper junos/15.1-r5-s3
- version/juniper junos/15.1-r5-s5
- version/juniper junos/15.1-r5-s6
- version/juniper junos/15.1-r6
- version/juniper junos/15.1-r6-s1
- version/juniper junos/15.1-r6-s2
- version/juniper junos/15.1-r6-s3
- version/juniper junos/15.1-r6-s4
- version/juniper junos/15.1-r6-s6
- version/juniper junos/15.1-r7
- version/juniper junos/15.1-r7-s1
- version/juniper junos/15.1-r7-s2
- version/juniper junos/15.1-r7-s3
- version/juniper junos/15.1-r7-s4
- version/juniper junos/15.1-r7-s5
- version/juniper junos/15.1-r7-s6
- version/juniper junos/15.1-r7-s7
- version/juniper junos/15.1-r7-s8
- version/juniper junos/15.1-r7-s9
- version/juniper junos/18.3
- version/juniper junos/18.3-r1
- version/juniper junos/18.3-r1-s1
- version/juniper junos/18.3-r1-s2
- version/juniper junos/18.3-r1-s3
- version/juniper junos/18.3-r1-s4
- version/juniper junos/18.3-r1-s5
- version/juniper junos/18.3-r1-s6
- version/juniper junos/18.3-r2
- version/juniper junos/18.3-r2-s1
- version/juniper junos/18.3-r2-s2
- version/juniper junos/18.3-r2-s3
- version/juniper junos/18.3-r2-s4
- version/juniper junos/18.3-r3
- version/juniper junos/18.3-r3-s1
- version/juniper junos/18.3-r3-s2
- version/juniper junos/18.3-r3-s3
- version/juniper junos/18.3-r3-s4
- version/juniper junos/18.4
- version/juniper junos/18.4-r1
- version/juniper junos/18.4-r1-s1
- version/juniper junos/18.4-r1-s2
- version/juniper junos/18.4-r1-s3
- version/juniper junos/18.4-r1-s4
- version/juniper junos/18.4-r1-s5
- version/juniper junos/18.4-r1-s6
- version/juniper junos/18.4-r1-s7
- version/juniper junos/18.4-r2
- version/juniper junos/18.4-r2-s1
- version/juniper junos/18.4-r2-s2
- version/juniper junos/18.4-r2-s3
- version/juniper junos/18.4-r2-s4
- version/juniper junos/18.4-r2-s5
- version/juniper junos/18.4-r2-s6
- version/juniper junos/18.4-r2-s7
- version/juniper junos/18.4-r2-s8
- version/juniper junos/18.4-r3
- version/juniper junos/18.4-r3-s1
- version/juniper junos/18.4-r3-s2
- version/juniper junos/18.4-r3-s3
- version/juniper junos/18.4-r3-s4
- version/juniper junos/18.4-r3-s5
- version/juniper junos/18.4-r3-s6
- version/juniper junos/18.4-r3-s7
- version/juniper junos/18.4-r3-s8
- version/juniper junos/19.1
- version/juniper junos/19.1-r1
- version/juniper junos/19.1-r1-s1
- version/juniper junos/19.1-r1-s2
- version/juniper junos/19.1-r1-s3
- version/juniper junos/19.1-r1-s4
- version/juniper junos/19.1-r1-s5
- version/juniper junos/19.1-r1-s6
- version/juniper junos/19.1-r2
- version/juniper junos/19.1-r2-s1
- version/juniper junos/19.1-r2-s2
- version/juniper junos/19.1-r3
- version/juniper junos/19.1-r3-s1
- version/juniper junos/19.1-r3-s2
- version/juniper junos/19.1-r3-s3
- version/juniper junos/19.1-r3-s4
- version/juniper junos/19.1-r3-s5
- version/juniper junos/19.2
- version/juniper junos/19.2-r1
- version/juniper junos/19.2-r1-s1
- version/juniper junos/19.2-r1-s2
- version/juniper junos/19.2-r1-s3
- version/juniper junos/19.2-r1-s4
- version/juniper junos/19.2-r1-s5
- version/juniper junos/19.2-r1-s6
- version/juniper junos/19.2-r2
- version/juniper junos/19.2-r2-s1
- version/juniper junos/19.2-r3
- version/juniper junos/19.2-r3-s1
- version/juniper junos/19.2-r3-s2
- version/juniper junos/19.3
- version/juniper junos/19.3-r1
- version/juniper junos/19.3-r1-s1
- version/juniper junos/19.3-r2
- version/juniper junos/19.3-r2-s1
- version/juniper junos/19.3-r2-s2
- version/juniper junos/19.3-r2-s3
- version/juniper junos/19.3-r2-s4
- version/juniper junos/19.3-r2-s5
- version/juniper junos/19.3-r3
- version/juniper junos/19.3-r3-s1
- version/juniper junos/19.3-r3-s2
- version/juniper junos/19.4-r1
- version/juniper junos/19.4-r1-s1
- version/juniper junos/19.4-r1-s2
- version/juniper junos/19.4-r1-s3
- version/juniper junos/19.4-r2
- version/juniper junos/19.4-r2-s1
- version/juniper junos/19.4-r2-s2
- version/juniper junos/19.4-r2-s3
- version/juniper junos/19.4-r2-s4
- version/juniper junos/19.4-r3
- version/juniper junos/19.4-r3-s1
- version/juniper junos/19.4-r3-s2
- version/juniper junos/19.4-r3-s3
- version/juniper junos/19.4-r3-s4
- version/juniper junos/20.1-r1
- version/juniper junos/20.1-r1-s1
- version/juniper junos/20.1-r1-s2
- version/juniper junos/20.1-r1-s3
- version/juniper junos/20.1-r1-s4
- version/juniper junos/20.1-r2
- version/juniper junos/20.1-r2-s1
- version/juniper junos/20.1-r3
- version/juniper junos/20.2-r1
- version/juniper junos/20.2-r1-s1
- version/juniper junos/20.2-r1-s2
- version/juniper junos/20.2-r1-s3
- version/juniper junos/20.2-r2
- version/juniper junos/20.2-r2-s1
- version/juniper junos/20.2-r2-s2
- version/juniper junos/20.2-r2-s3
- version/juniper junos/20.2-r3
- version/juniper junos/20.2-r3-s1
- version/juniper junos/20.3-r1
- version/juniper junos/20.3-r1-s1
- version/juniper junos/20.3-r2
- version/juniper junos/20.3-r2-s1
- version/juniper junos/20.4-r1
- version/juniper junos/20.4-r1-s1
- version/juniper junos/20.4-r2
- version/juniper junos/21.1-r1