Lucene search
HistoryJan 15, 2021 - 6:15 p.m.
CVE-2021-0223
cve-2021-0223
juniper networks
junos os
telnetd.real
local privilege escalation
vulnerability
nvd
security issue
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
5.1%
A local privilege escalation vulnerability in telnetd.real of Juniper Networks Junos OS may allow a locally authenticated shell user to escalate privileges and execute arbitrary commands as root. telnetd.real is shipped with setuid permissions enabled and is owned by the root user, allowing local users to run telnetd.real with root privileges. This issue affects Juniper Networks Junos OS: all versions prior to 15.1R7-S9; 17.3 versions prior to 17.3R3-S11; 17.4 versions prior to 17.4R2-S12, 17.4R3-S3; 18.1 versions prior to 18.1R3-S11; 18.2 versions prior to 18.2R3-S6; 18.3 versions prior to 18.3R2-S4, 18.3R3-S4; 18.4 versions prior to 18.4R2-S7, 18.4R3-S6; 19.1 versions prior to 19.1R2-S2, 19.1R3-S4; 19.2 versions prior to 19.2R1-S6, 19.2R3-S1; 19.3 versions prior to 19.3R3-S1; 19.4 versions prior to 19.4R2-S2, 19.4R3; 20.1 versions prior to 20.1R1-S4, 20.1R2; 20.2 versions prior to 20.2R2.
Affected configurations
Node
juniperjunosMatch15.1-
ORjuniperjunosMatch15.1a1
ORjuniperjunosMatch15.1f
ORjuniperjunosMatch15.1f1
ORjuniperjunosMatch15.1f2
ORjuniperjunosMatch15.1f2-s1
ORjuniperjunosMatch15.1f2-s2
ORjuniperjunosMatch15.1f2-s3
ORjuniperjunosMatch15.1f2-s4
ORjuniperjunosMatch15.1f3
ORjuniperjunosMatch15.1f4
ORjuniperjunosMatch15.1f5
ORjuniperjunosMatch15.1f5-s7
ORjuniperjunosMatch15.1f6
ORjuniperjunosMatch15.1f6-s1
ORjuniperjunosMatch15.1f6-s12
ORjuniperjunosMatch15.1f6-s2
ORjuniperjunosMatch15.1f6-s3
ORjuniperjunosMatch15.1f6-s4
ORjuniperjunosMatch15.1f6-s7
ORjuniperjunosMatch15.1f7
ORjuniperjunosMatch15.1r1
ORjuniperjunosMatch15.1r2
ORjuniperjunosMatch15.1r3
ORjuniperjunosMatch15.1r4
ORjuniperjunosMatch15.1r4-s7
ORjuniperjunosMatch15.1r4-s8
ORjuniperjunosMatch15.1r4-s9
ORjuniperjunosMatch15.1r5
ORjuniperjunosMatch15.1r5-s1
ORjuniperjunosMatch15.1r5-s5
ORjuniperjunosMatch15.1r5-s6
ORjuniperjunosMatch15.1r6
ORjuniperjunosMatch15.1r6-s1
ORjuniperjunosMatch15.1r6-s2
ORjuniperjunosMatch15.1r6-s6
ORjuniperjunosMatch15.1r7
ORjuniperjunosMatch15.1r7-s1
ORjuniperjunosMatch15.1r7-s2
ORjuniperjunosMatch15.1r7-s3
ORjuniperjunosMatch15.1r7-s4
ORjuniperjunosMatch15.1r7-s5
ORjuniperjunosMatch15.1r7-s6
ORjuniperjunosMatch15.1r7-s7
ORjuniperjunosMatch15.1r7-s8
ORjuniperjunosMatch17.3-
ORjuniperjunosMatch17.3r1-s1
ORjuniperjunosMatch17.3r2
ORjuniperjunosMatch17.3r2-s1
ORjuniperjunosMatch17.3r2-s2
ORjuniperjunosMatch17.3r2-s3
ORjuniperjunosMatch17.3r2-s4
ORjuniperjunosMatch17.3r2-s5
ORjuniperjunosMatch17.3r3-
ORjuniperjunosMatch17.3r3-s1
ORjuniperjunosMatch17.3r3-s10
ORjuniperjunosMatch17.3r3-s2
ORjuniperjunosMatch17.3r3-s3
ORjuniperjunosMatch17.3r3-s4
ORjuniperjunosMatch17.3r3-s5
ORjuniperjunosMatch17.3r3-s6
ORjuniperjunosMatch17.3r3-s7
ORjuniperjunosMatch17.3r3-s8
ORjuniperjunosMatch17.3r3-s9
ORjuniperjunosMatch17.4-
ORjuniperjunosMatch17.4r1
ORjuniperjunosMatch17.4r1-s1
ORjuniperjunosMatch17.4r1-s2
ORjuniperjunosMatch17.4r1-s4
ORjuniperjunosMatch17.4r1-s5
ORjuniperjunosMatch17.4r1-s6
ORjuniperjunosMatch17.4r1-s7
ORjuniperjunosMatch17.4r2
ORjuniperjunosMatch17.4r2-s1
ORjuniperjunosMatch17.4r2-s10
ORjuniperjunosMatch17.4r2-s2
ORjuniperjunosMatch17.4r2-s3
ORjuniperjunosMatch17.4r2-s4
ORjuniperjunosMatch17.4r2-s5
ORjuniperjunosMatch17.4r2-s6
ORjuniperjunosMatch17.4r2-s7
ORjuniperjunosMatch17.4r2-s8
ORjuniperjunosMatch17.4r2-s9
ORjuniperjunosMatch17.4r3
ORjuniperjunosMatch17.4r3-s1
ORjuniperjunosMatch17.4r3-s2
ORjuniperjunosMatch18.1-
ORjuniperjunosMatch18.1r1
ORjuniperjunosMatch18.1r2
ORjuniperjunosMatch18.1r2-s1
ORjuniperjunosMatch18.1r2-s2
ORjuniperjunosMatch18.1r2-s4
ORjuniperjunosMatch18.1r3
ORjuniperjunosMatch18.1r3-s1
ORjuniperjunosMatch18.1r3-s10
ORjuniperjunosMatch18.1r3-s2
ORjuniperjunosMatch18.1r3-s3
ORjuniperjunosMatch18.1r3-s4
ORjuniperjunosMatch18.1r3-s6
ORjuniperjunosMatch18.1r3-s7
ORjuniperjunosMatch18.1r3-s8
ORjuniperjunosMatch18.1r3-s9
ORjuniperjunosMatch18.2-
ORjuniperjunosMatch18.2r1
ORjuniperjunosMatch18.2r1-
ORjuniperjunosMatch18.2r1-s3
ORjuniperjunosMatch18.2r1-s4
ORjuniperjunosMatch18.2r1-s5
ORjuniperjunosMatch18.2r2
ORjuniperjunosMatch18.2r2-s1
ORjuniperjunosMatch18.2r2-s2
ORjuniperjunosMatch18.2r2-s3
ORjuniperjunosMatch18.2r2-s4
ORjuniperjunosMatch18.2r2-s5
ORjuniperjunosMatch18.2r2-s6
ORjuniperjunosMatch18.2r3
ORjuniperjunosMatch18.2r3-s1
ORjuniperjunosMatch18.2r3-s2
ORjuniperjunosMatch18.2r3-s3
ORjuniperjunosMatch18.2r3-s4
ORjuniperjunosMatch18.2r3-s5
ORjuniperjunosMatch18.3-
ORjuniperjunosMatch18.3r1
ORjuniperjunosMatch18.3r1-s1
ORjuniperjunosMatch18.3r1-s2
ORjuniperjunosMatch18.3r1-s3
ORjuniperjunosMatch18.3r1-s5
ORjuniperjunosMatch18.3r1-s6
ORjuniperjunosMatch18.3r2
ORjuniperjunosMatch18.3r2-s1
ORjuniperjunosMatch18.3r2-s2
ORjuniperjunosMatch18.3r2-s3
ORjuniperjunosMatch18.3r2-s4
ORjuniperjunosMatch18.3r3
ORjuniperjunosMatch18.3r3-s1
ORjuniperjunosMatch18.3r3-s2
ORjuniperjunosMatch18.3r3-s3
ORjuniperjunosMatch18.4-
ORjuniperjunosMatch18.4r1
ORjuniperjunosMatch18.4r1-s1
ORjuniperjunosMatch18.4r1-s2
ORjuniperjunosMatch18.4r1-s5
ORjuniperjunosMatch18.4r1-s6
ORjuniperjunosMatch18.4r2
ORjuniperjunosMatch18.4r2-s1
ORjuniperjunosMatch18.4r2-s2
ORjuniperjunosMatch18.4r2-s3
ORjuniperjunosMatch18.4r2-s4
ORjuniperjunosMatch18.4r2-s5
ORjuniperjunosMatch18.4r2-s6
ORjuniperjunosMatch18.4r3
ORjuniperjunosMatch18.4r3-s1
ORjuniperjunosMatch18.4r3-s2
ORjuniperjunosMatch18.4r3-s3
ORjuniperjunosMatch18.4r3-s4
ORjuniperjunosMatch18.4r3-s5
ORjuniperjunosMatch19.1-
ORjuniperjunosMatch19.1r1
ORjuniperjunosMatch19.1r1-s1
ORjuniperjunosMatch19.1r1-s2
ORjuniperjunosMatch19.1r1-s3
ORjuniperjunosMatch19.1r1-s4
ORjuniperjunosMatch19.1r1-s5
ORjuniperjunosMatch19.1r2
ORjuniperjunosMatch19.1r2-s1
ORjuniperjunosMatch19.1r3
ORjuniperjunosMatch19.1r3-s1
ORjuniperjunosMatch19.1r3-s2
ORjuniperjunosMatch19.1r3-s3
ORjuniperjunosMatch19.2-
ORjuniperjunosMatch19.2r1
ORjuniperjunosMatch19.2r1-s1
ORjuniperjunosMatch19.2r1-s2
ORjuniperjunosMatch19.2r1-s3
ORjuniperjunosMatch19.2r1-s4
ORjuniperjunosMatch19.2r1-s5
ORjuniperjunosMatch19.2r3
ORjuniperjunosMatch19.3-
ORjuniperjunosMatch19.3r1
ORjuniperjunosMatch19.3r1-s1
ORjuniperjunosMatch19.3r2
ORjuniperjunosMatch19.3r2-s1
ORjuniperjunosMatch19.3r2-s2
ORjuniperjunosMatch19.3r2-s3
ORjuniperjunosMatch19.3r2-s4
ORjuniperjunosMatch19.3r3
ORjuniperjunosMatch19.4r1
ORjuniperjunosMatch19.4r1-s1
ORjuniperjunosMatch19.4r1-s2
ORjuniperjunosMatch19.4r2
ORjuniperjunosMatch19.4r2-s1
ORjuniperjunosMatch19.4r3
ORjuniperjunosMatch20.1r1
ORjuniperjunosMatch20.1r1-s1
ORjuniperjunosMatch20.1r1-s2
ORjuniperjunosMatch20.1r1-s3
ORjuniperjunosMatch20.2r1
CNA Affected
[
{
"product": "Junos OS",
"vendor": "Juniper Networks",
"versions": [
{
"lessThan": "15.1R7-S9",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "17.3R3-S11",
"status": "affected",
"version": "17.3",
"versionType": "custom"
},
{
"lessThan": "17.4R2-S12, 17.4R3-S3",
"status": "affected",
"version": "17.4",
"versionType": "custom"
},
{
"lessThan": "18.1R3-S11",
"status": "affected",
"version": "18.1",
"versionType": "custom"
},
{
"lessThan": "18.2R3-S6",
"status": "affected",
"version": "18.2",
"versionType": "custom"
},
{
"lessThan": "18.3R2-S4, 18.3R3-S4",
"status": "affected",
"version": "18.3",
"versionType": "custom"
},
{
"lessThan": "18.4R2-S7, 18.4R3-S6",
"status": "affected",
"version": "18.4",
"versionType": "custom"
},
{
"lessThan": "19.1R2-S2, 19.1R3-S4",
"status": "affected",
"version": "19.1",
"versionType": "custom"
},
{
"lessThan": "19.2R1-S6, 19.2R3-S1",
"status": "affected",
"version": "19.2",
"versionType": "custom"
},
{
"lessThan": "19.3R3-S1",
"status": "affected",
"version": "19.3",
"versionType": "custom"
},
{
"lessThan": "19.4R2-S2, 19.4R3",
"status": "affected",
"version": "19.4",
"versionType": "custom"
},
{
"lessThan": "20.1R1-S4, 20.1R2",
"status": "affected",
"version": "20.1",
"versionType": "custom"
},
{
"lessThan": "20.2R2",
"status": "affected",
"version": "20.2",
"versionType": "custom"
}
]
}
]References
Social References
More
Related
nvd
nvd
CVE-2021-0223
2021-01-15 18:15:15
prion
prion
Privilege escalation
2021-01-15 18:15:00
cvelist
cvelist
nessus
nessus
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
5.1%
Related for CVE-2021-0223