Lucene search

JuniperCVE-2021-0260

HistoryApr 22, 2021 - 8:15 p.m.

CVE-2021-0260

2021-04-2220:15:09

CWE-285

CWE-497

juniper

web.nvd.nist.gov

cve-2021-0260

juniper networks

junos os

snmp

vulnerability

unauthorized access

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

7.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

EPSS

0.001

Percentile

41.2%

JSON

An improper authorization vulnerability in the Simple Network Management Protocol daemon (snmpd) service of Juniper Networks Junos OS leads an unauthenticated attacker being able to perform SNMP read actions, an Exposure of System Data to an Unauthorized Control Sphere, or write actions to OIDs that support write operations, against the device without authentication. This issue affects: Juniper Networks Junos OS: 17.2 version 17.2R1 and later versions; 17.3 versions prior to 17.3R3-S9; 17.4 versions prior to 17.4R2-S12, 17.4R3-S5; 18.1 versions prior to 18.1R3-S13; 18.2 versions prior to 18.2R3-S8; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R1-S8, 18.4R2-S5, 18.4R3; 19.1 versions prior to 19.1R2; 19.2 versions prior to 19.2R1-S6, 19.2R2; 19.3 versions prior to 19.3R2. This issue does not affect Juniper Networks Junos OS versions prior to 17.2R1.

Affected configurations

Nvd

Node

juniperjunosMatch17.2r1

juniperjunosMatch17.2r1-s1

juniperjunosMatch17.2r1-s2

juniperjunosMatch17.2r1-s3

juniperjunosMatch17.2r1-s4

juniperjunosMatch17.2r1-s5

juniperjunosMatch17.2r1-s6

juniperjunosMatch17.2r1-s7

juniperjunosMatch17.2r1-s8

juniperjunosMatch17.2r2

juniperjunosMatch17.2r2-s11

juniperjunosMatch17.2r2-s4

juniperjunosMatch17.2r2-s6

juniperjunosMatch17.2r2-s7

juniperjunosMatch17.2r3

juniperjunosMatch17.2r3-s1

juniperjunosMatch17.2r3-s2

juniperjunosMatch17.2r3-s3

juniperjunosMatch17.3-

juniperjunosMatch17.3r1

juniperjunosMatch17.3r1-s1

juniperjunosMatch17.3r1-s4

juniperjunosMatch17.3r2

juniperjunosMatch17.3r2-s1

juniperjunosMatch17.3r2-s2

juniperjunosMatch17.3r2-s3

juniperjunosMatch17.3r2-s4

juniperjunosMatch17.3r2-s5

juniperjunosMatch17.3r3

juniperjunosMatch17.3r3-

juniperjunosMatch17.3r3-s1

juniperjunosMatch17.3r3-s10

juniperjunosMatch17.3r3-s2

juniperjunosMatch17.3r3-s3

juniperjunosMatch17.3r3-s4

juniperjunosMatch17.3r3-s5

juniperjunosMatch17.3r3-s6

juniperjunosMatch17.3r3-s7

juniperjunosMatch17.3r3-s8

juniperjunosMatch17.4-

juniperjunosMatch17.4r1

juniperjunosMatch17.4r1-s1

juniperjunosMatch17.4r1-s2

juniperjunosMatch17.4r1-s3

juniperjunosMatch17.4r1-s4

juniperjunosMatch17.4r1-s5

juniperjunosMatch17.4r1-s6

juniperjunosMatch17.4r1-s7

juniperjunosMatch17.4r2

juniperjunosMatch17.4r2-s1

juniperjunosMatch17.4r2-s10

juniperjunosMatch17.4r2-s11

juniperjunosMatch17.4r2-s2

juniperjunosMatch17.4r2-s3

juniperjunosMatch17.4r2-s4

juniperjunosMatch17.4r2-s5

juniperjunosMatch17.4r2-s6

juniperjunosMatch17.4r2-s7

juniperjunosMatch17.4r2-s8

juniperjunosMatch17.4r2-s9

juniperjunosMatch17.4r3

juniperjunosMatch17.4r3-s1

juniperjunosMatch17.4r3-s2

juniperjunosMatch17.4r3-s3

juniperjunosMatch17.4r3-s4

juniperjunosMatch18.1-

juniperjunosMatch18.1r1

juniperjunosMatch18.1r2

juniperjunosMatch18.1r2-s1

juniperjunosMatch18.1r2-s2

juniperjunosMatch18.1r2-s4

juniperjunosMatch18.1r3

juniperjunosMatch18.1r3-s1

juniperjunosMatch18.1r3-s10

juniperjunosMatch18.1r3-s11

juniperjunosMatch18.1r3-s12

juniperjunosMatch18.1r3-s2

juniperjunosMatch18.1r3-s3

juniperjunosMatch18.1r3-s4

juniperjunosMatch18.1r3-s5

juniperjunosMatch18.1r3-s6

juniperjunosMatch18.1r3-s7

juniperjunosMatch18.1r3-s8

juniperjunosMatch18.1r3-s9

juniperjunosMatch18.2-

juniperjunosMatch18.2r1

juniperjunosMatch18.2r1-

juniperjunosMatch18.2r1-s2

juniperjunosMatch18.2r1-s3

juniperjunosMatch18.2r1-s4

juniperjunosMatch18.2r1-s5

juniperjunosMatch18.2r2

juniperjunosMatch18.2r2-s1

juniperjunosMatch18.2r2-s2

juniperjunosMatch18.2r2-s3

juniperjunosMatch18.2r2-s4

juniperjunosMatch18.2r2-s5

juniperjunosMatch18.2r2-s6

juniperjunosMatch18.2r2-s7

juniperjunosMatch18.2r3

juniperjunosMatch18.2r3-s1

juniperjunosMatch18.2r3-s2

juniperjunosMatch18.2r3-s3

juniperjunosMatch18.2r3-s4

juniperjunosMatch18.2r3-s5

juniperjunosMatch18.2r3-s6

juniperjunosMatch18.2r3-s7

juniperjunosMatch18.3-

juniperjunosMatch18.3r1

juniperjunosMatch18.3r1-s1

juniperjunosMatch18.3r1-s2

juniperjunosMatch18.3r1-s3

juniperjunosMatch18.3r1-s4

juniperjunosMatch18.3r1-s5

juniperjunosMatch18.3r1-s6

juniperjunosMatch18.3r2

juniperjunosMatch18.3r2-s1

juniperjunosMatch18.3r2-s2

juniperjunosMatch18.3r2-s3

juniperjunosMatch18.3r2-s4

juniperjunosMatch18.3r3

juniperjunosMatch18.3r3-s1

juniperjunosMatch18.3r3-s2

juniperjunosMatch18.3r3-s3

juniperjunosMatch18.3r3-s4

juniperjunosMatch18.4-

juniperjunosMatch18.4r1

juniperjunosMatch18.4r1-s1

juniperjunosMatch18.4r1-s2

juniperjunosMatch18.4r1-s3

juniperjunosMatch18.4r1-s4

juniperjunosMatch18.4r1-s5

juniperjunosMatch18.4r1-s6

juniperjunosMatch18.4r1-s7

juniperjunosMatch18.4r2

juniperjunosMatch18.4r2-s1

juniperjunosMatch18.4r2-s2

juniperjunosMatch18.4r2-s3

juniperjunosMatch18.4r2-s4

juniperjunosMatch19.1-

juniperjunosMatch19.1r1

juniperjunosMatch19.1r1-s1

juniperjunosMatch19.1r1-s2

juniperjunosMatch19.1r1-s3

juniperjunosMatch19.1r1-s4

juniperjunosMatch19.1r1-s5

juniperjunosMatch19.1r1-s6

juniperjunosMatch19.2-

juniperjunosMatch19.2r1

juniperjunosMatch19.2r1-s1

juniperjunosMatch19.2r1-s2

juniperjunosMatch19.2r1-s3

juniperjunosMatch19.2r1-s4

juniperjunosMatch19.2r1-s5

juniperjunosMatch19.3-

juniperjunosMatch19.3r1

juniperjunosMatch19.3r1-s1

VendorProductVersionCPE
juniperjunos17.2cpe:2.3:o:juniper:junos:17.2:r1:*:*:*:*:*:*
juniperjunos17.2cpe:2.3:o:juniper:junos:17.2:r1-s1:*:*:*:*:*:*
juniperjunos17.2cpe:2.3:o:juniper:junos:17.2:r1-s2:*:*:*:*:*:*
juniperjunos17.2cpe:2.3:o:juniper:junos:17.2:r1-s3:*:*:*:*:*:*
juniperjunos17.2cpe:2.3:o:juniper:junos:17.2:r1-s4:*:*:*:*:*:*
juniperjunos17.2cpe:2.3:o:juniper:junos:17.2:r1-s5:*:*:*:*:*:*
juniperjunos17.2cpe:2.3:o:juniper:junos:17.2:r1-s6:*:*:*:*:*:*
juniperjunos17.2cpe:2.3:o:juniper:junos:17.2:r1-s7:*:*:*:*:*:*
juniperjunos17.2cpe:2.3:o:juniper:junos:17.2:r1-s8:*:*:*:*:*:*
juniperjunos17.2cpe:2.3:o:juniper:junos:17.2:r2:*:*:*:*:*:*

Vendor	Product	Version	CPE
juniper	junos	17.2	cpe:2.3:o:juniper:junos:17.2:r1::::::
juniper	junos	17.2	cpe:2.3:o:juniper:junos:17.2:r1-s1::::::
juniper	junos	17.2	cpe:2.3:o:juniper:junos:17.2:r1-s2::::::
juniper	junos	17.2	cpe:2.3:o:juniper:junos:17.2:r1-s3::::::
juniper	junos	17.2	cpe:2.3:o:juniper:junos:17.2:r1-s4::::::
juniper	junos	17.2	cpe:2.3:o:juniper:junos:17.2:r1-s5::::::
juniper	junos	17.2	cpe:2.3:o:juniper:junos:17.2:r1-s6::::::
juniper	junos	17.2	cpe:2.3:o:juniper:junos:17.2:r1-s7::::::
juniper	junos	17.2	cpe:2.3:o:juniper:junos:17.2:r1-s8::::::
juniper	junos	17.2	cpe:2.3:o:juniper:junos:17.2:r2::::::

Rows per page:

1-10 of 1571

CNA Affected

[
  {
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "17.2R1",
        "status": "unaffected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "17.2*",
        "status": "affected",
        "version": "17.2R1",
        "versionType": "custom"
      },
      {
        "lessThan": "17.3R3-S9",
        "status": "affected",
        "version": "17.3",
        "versionType": "custom"
      },
      {
        "lessThan": "17.4R2-S12, 17.4R3-S5",
        "status": "affected",
        "version": "17.4",
        "versionType": "custom"
      },
      {
        "lessThan": "18.1R3-S13",
        "status": "affected",
        "version": "18.1",
        "versionType": "custom"
      },
      {
        "lessThan": "18.2R3-S8",
        "status": "affected",
        "version": "18.2",
        "versionType": "custom"
      },
      {
        "lessThan": "18.3R3-S5",
        "status": "affected",
        "version": "18.3",
        "versionType": "custom"
      },
      {
        "lessThan": "18.4R1-S8, 18.4R2-S5, 18.4R3",
        "status": "affected",
        "version": "18.4",
        "versionType": "custom"
      },
      {
        "lessThan": "19.1R2",
        "status": "affected",
        "version": "19.1",
        "versionType": "custom"
      },
      {
        "lessThan": "19.2R1-S6, 19.2R2",
        "status": "affected",
        "version": "19.2",
        "versionType": "custom"
      },
      {
        "lessThan": "19.3R2",
        "status": "affected",
        "version": "19.3",
        "versionType": "custom"
      }
    ]
  }
]

References

kb.juniper.net/JSA11151

Social References

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

7.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

EPSS

0.001

Percentile

41.2%

JSON

Related for CVE-2021-0260