CVE-2016-4922

Name of the Vulnerable Software and Affected Versions Junos OS versions 11.4 prior to 11.4R13-S3 Junos OS versions 12.1X46 prior to 12.1X46-D60 Junos OS versions 12.1X47 prior to 12.1X47-D45 Junos OS versions 12.3 prior to 12.3R12 Junos OS versions 12.3X48 prior to 12.3X48-D35 Junos OS versions 13.2 prior to 13.2R9 Junos OS versions 13.3 prior to 13.3R4-S11, 13.3R9 Junos OS versions 14.1 prior to 14.1R4-S12, 14.1R7 Junos OS versions 14.1X53 prior to 14.1X53-D28, 14.1X53-D40 Junos OS versions 14.1X55 prior to 14.1X55-D35 Junos OS versions 14.2 prior to 14.2R3-S10, 14.2R4-S7, 14.2R5 Junos OS versions 15.1 prior to 15.1F4, 15.1R3 Junos OS versions 15.1X49 prior to 15.1X49-D60 Junos OS versions 15.1X53 prior to 15.1X53-D57, 15.1X53-D70

Description The issue is related to the lack of input validation in the Junos operating system, which can be exploited by an attacker with local access to gain elevated privileges and complete control of the device. This can be achieved by using specific combinations of CLI commands and arguments.

Recommendations For Junos OS versions 11.4 prior to 11.4R13-S3, update to 11.4R13-S3 or later. For Junos OS versions 12.1X46 prior to 12.1X46-D60, update to 12.1X46-D60 or later. For Junos OS versions 12.1X47 prior to 12.1X47-D45, update to 12.1X47-D45 or later. For Junos OS versions 12.3 prior to 12.3R12, update to 12.3R12 or later. For Junos OS versions 12.3X48 prior to 12.3X48-D35, update to 12.3X48-D35 or later. For Junos OS versions 13.2 prior to 13.2R9, update to 13.2R9 or later. For Junos OS versions 13.3 prior to 13.3R4-S11, 13.3R9, update to 13.3R4-S11 or 13.3R9 or later. For Junos OS versions 14.1 prior to 14.1R4-S12, 14.1R7, update to 14.1R4-S12 or 14.1R7 or later. For Junos OS versions 14.1X53 prior to 14.1X53-D28, 14.1X53-D40, update to 14.1X53-D28 or 14.1X53-D40 or later. For Junos OS versions 14.1X55 prior to 14.1X55-D35, update to 14.1X55-D35 or later. For Junos OS versions 14.2 prior to 14.2R3-S10, 14.2R4-S7, 14.2R5, update to 14.2R3-S10 or 14.2R4-S7 or 14.2R5 or later. For Junos OS versions 15.1 prior to 15.1F4, 15.1R3, update to 15.1F4 or 15.1R3 or later. For Junos OS versions 15.1X49 prior to 15.1X49-D60, update to 15.1X49-D60 or later. For Junos OS versions 15.1X53 prior to 15.1X53-D57, 15.1X53-D70, update to 15.1X53-D57 or 15.1X53-D70 or later. As a temporary workaround, consider restricting access to CLI commands until a patch is available.