Lucene search

JuniperCVE-2023-28960

HistoryApr 17, 2023 - 10:15 p.m.

CVE-2023-28960

2023-04-1722:15:08

CWE-732

juniper

web.nvd.nist.gov

cve-2023-28960

juniper networks

junos os evolved

docker

permission assignment

vulnerability

security issue

nvd

CVSS3

8.2

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

AI Score

7.9

Confidence

High

EPSS

Percentile

5.1%

JSON

An Incorrect Permission Assignment for Critical Resource vulnerability in Juniper Networks Junos OS Evolved allows a local, authenticated low-privileged attacker to copy potentially malicious files into an existing Docker container on the local system. A follow-on administrator could then inadvertently start the Docker container leading to the malicious files being executed as root. This issue only affects systems with Docker configured and enabled, which is not enabled by default. Systems without Docker started are not vulnerable to this issue. This issue affects Juniper Networks Junos OS Evolved: 20.4 versions prior to 20.4R3-S5-EVO; 21.2 versions prior to 21.2R3-EVO; 21.3 versions prior to 21.3R3-EVO; 21.4 versions prior to 21.4R2-EVO. This issue does not affect Juniper Networks Junos OS Evolved versions prior to 19.2R1-EVO.

Affected configurations

Nvd

Node

juniperjunos_os_evolvedMatch20.4-

juniperjunos_os_evolvedMatch20.4r1

juniperjunos_os_evolvedMatch20.4r1-s1

juniperjunos_os_evolvedMatch20.4r1-s2

juniperjunos_os_evolvedMatch20.4r2

juniperjunos_os_evolvedMatch20.4r2-s1

juniperjunos_os_evolvedMatch20.4r2-s2

juniperjunos_os_evolvedMatch20.4r2-s3

juniperjunos_os_evolvedMatch20.4r3

juniperjunos_os_evolvedMatch20.4r3-s1

juniperjunos_os_evolvedMatch20.4r3-s2

juniperjunos_os_evolvedMatch20.4r3-s3

juniperjunos_os_evolvedMatch20.4r3-s4

juniperjunos_os_evolvedMatch21.2-

juniperjunos_os_evolvedMatch21.2r1

juniperjunos_os_evolvedMatch21.2r1-s1

juniperjunos_os_evolvedMatch21.2r1-s2

juniperjunos_os_evolvedMatch21.2r2

juniperjunos_os_evolvedMatch21.2r2-s1

juniperjunos_os_evolvedMatch21.2r2-s2

juniperjunos_os_evolvedMatch21.3-

juniperjunos_os_evolvedMatch21.3r1

juniperjunos_os_evolvedMatch21.3r1-s1

juniperjunos_os_evolvedMatch21.3r2

juniperjunos_os_evolvedMatch21.3r2-s1

juniperjunos_os_evolvedMatch21.3r2-s2

juniperjunos_os_evolvedMatch21.4-

juniperjunos_os_evolvedMatch21.4r1

juniperjunos_os_evolvedMatch21.4r1-s1

juniperjunos_os_evolvedMatch21.4r1-s2

VendorProductVersionCPE
juniperjunos_os_evolved20.4cpe:2.3:o:juniper:junos_os_evolved:20.4:-:*:*:*:*:*:*
juniperjunos_os_evolved20.4cpe:2.3:o:juniper:junos_os_evolved:20.4:r1:*:*:*:*:*:*
juniperjunos_os_evolved20.4cpe:2.3:o:juniper:junos_os_evolved:20.4:r1-s1:*:*:*:*:*:*
juniperjunos_os_evolved20.4cpe:2.3:o:juniper:junos_os_evolved:20.4:r1-s2:*:*:*:*:*:*
juniperjunos_os_evolved20.4cpe:2.3:o:juniper:junos_os_evolved:20.4:r2:*:*:*:*:*:*
juniperjunos_os_evolved20.4cpe:2.3:o:juniper:junos_os_evolved:20.4:r2-s1:*:*:*:*:*:*
juniperjunos_os_evolved20.4cpe:2.3:o:juniper:junos_os_evolved:20.4:r2-s2:*:*:*:*:*:*
juniperjunos_os_evolved20.4cpe:2.3:o:juniper:junos_os_evolved:20.4:r2-s3:*:*:*:*:*:*
juniperjunos_os_evolved20.4cpe:2.3:o:juniper:junos_os_evolved:20.4:r3:*:*:*:*:*:*
juniperjunos_os_evolved20.4cpe:2.3:o:juniper:junos_os_evolved:20.4:r3-s1:*:*:*:*:*:*

Vendor	Product	Version	CPE
juniper	junos_os_evolved	20.4	cpe:2.3:o:juniper:junos_os_evolved:20.4:-::::::
juniper	junos_os_evolved	20.4	cpe:2.3:o:juniper:junos_os_evolved:20.4:r1::::::
juniper	junos_os_evolved	20.4	cpe:2.3:o:juniper:junos_os_evolved:20.4:r1-s1::::::
juniper	junos_os_evolved	20.4	cpe:2.3:o:juniper:junos_os_evolved:20.4:r1-s2::::::
juniper	junos_os_evolved	20.4	cpe:2.3:o:juniper:junos_os_evolved:20.4:r2::::::
juniper	junos_os_evolved	20.4	cpe:2.3:o:juniper:junos_os_evolved:20.4:r2-s1::::::
juniper	junos_os_evolved	20.4	cpe:2.3:o:juniper:junos_os_evolved:20.4:r2-s2::::::
juniper	junos_os_evolved	20.4	cpe:2.3:o:juniper:junos_os_evolved:20.4:r2-s3::::::
juniper	junos_os_evolved	20.4	cpe:2.3:o:juniper:junos_os_evolved:20.4:r3::::::
juniper	junos_os_evolved	20.4	cpe:2.3:o:juniper:junos_os_evolved:20.4:r3-s1::::::

Rows per page:

1-10 of 301

CNA Affected

[
  {
    "vendor": "Juniper Networks",
    "product": "Junos OS Evolved",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "19.2R1-EVO",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "20.4",
        "status": "affected",
        "lessThan": "20.4R3-S5-EVO",
        "versionType": "custom"
      },
      {
        "version": "21.2",
        "status": "affected",
        "lessThan": "21.2R3-EVO",
        "versionType": "custom"
      },
      {
        "version": "21.3",
        "status": "affected",
        "lessThan": "21.3R3-EVO",
        "versionType": "custom"
      },
      {
        "version": "21.4",
        "status": "affected",
        "lessThan": "21.4R2-EVO",
        "versionType": "custom"
      }
    ]
  }
]

References

supportportal.juniper.net/JSA70585

Social References

CVSS3

8.2

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

AI Score

7.9

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for CVE-2023-28960