medium
5.1
CWE
276
Advisory Published
Updated

CVE-2024-39544: Junos OS Evolved: Low privileged local user able to view NETCONF traceoptions files

First published: Fri Oct 11 2024(Updated: )

An Incorrect Default Permissions vulnerability in the command line interface (CLI) of Juniper Networks Junos OS Evolved allows a low privileged local attacker to view NETCONF traceoptions files, representing an exposure of sensitive information. On all Junos OS Evolved platforms, when NETCONF traceoptions are configured, NETCONF traceoptions files get created with an incorrect group permission, which allows a low-privileged user can access sensitive information compromising the confidentiality of the system. Junos OS Evolved:  * All versions before 20.4R3-S9-EVO,  * 21.2-EVO before 21.2R3-S7-EVO,  * 21.4-EVO before 21.4R3-S5-EVO,  * 22.1-EVO before 22.1R3-S5-EVO,  * 22.2-EVO before 22.2R3-S3-EVO,  * 22.3-EVO before 22.3R3-EVO, 22.3R3-S2-EVO,  * 22.4-EVO before 22.4R3-EVO,  * 23.2-EVO before 23.2R1-S2-EVO, 23.2R2-EVO.

Credit: sirt@juniper.net

Affected SoftwareAffected VersionHow to fix
Juniper Networks Junos OS<20.4R3-S9-EVO<21.2R3-S7-EVO<21.4R3-S5-EVO<22.1R3-S5-EVO<22.2R3-S3-EVO<22.3R3-EVO<22.3R3-S2-EVO<22.4R3-EVO<23.2R1-S2-EVO<23.2R2-EVO

Remedy

The following software releases have been updated to resolve this specific issue: Junos OS Evolved 20.4R3-S9-EVO, 21.2R3-S7-EVO, 21.3R3-S5-EVO, 21.4R3-S5-EVO, 22.1R3-S5-EVO, 22.2R3-S3-EVO, 22.3R3-S2-EVO, 22.4R3-EVO, 23.2R1-S2-EVO, 23.2R2-EVO, 23.4R1-EVO, and all subsequent releases. Restoration: To completely remediate this issue, any previously written traceoptions log files should be deleted or have their file permissions changed. See Workaround section above for details.

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2024-39544?

    CVE-2024-39544 has been classified with medium severity due to its potential for exposing sensitive information.

  • How do I fix CVE-2024-39544?

    To fix CVE-2024-39544, upgrade to the latest version of Junos OS Evolved that is beyond the affected versions listed.

  • Who is affected by CVE-2024-39544?

    CVE-2024-39544 affects all Junos OS Evolved platforms that operate within the specified version range.

  • What exposure does CVE-2024-39544 present?

    CVE-2024-39544 allows low privileged local attackers to view sensitive NETCONF traceoptions files.

  • What is the nature of the vulnerability in CVE-2024-39544?

    CVE-2024-39544 is an Incorrect Default Permissions vulnerability that leads to potential information exposure.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203