CVE-2020-1619

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS versions prior to 16.1R7-S6 Juniper Networks Junos OS versions prior to 16.2R2-S11 Juniper Networks Junos OS versions prior to 17.1R2-S11, 17.1R3 Juniper Networks Junos OS versions prior to 17.2R1-S9, 17.2R3-S3 Juniper Networks Junos OS versions prior to 17.3R2-S5, 17.3R3-S7 Juniper Networks Junos OS versions prior to 17.4R2-S7, 17.4R3 Juniper Networks Junos OS versions prior to 18.1R3-S4 Juniper Networks Junos OS versions prior to 18.2R3 Juniper Networks Junos OS versions prior to 18.2X75-D50 Juniper Networks Junos OS versions prior to 18.3R2 Juniper Networks Junos OS versions prior to 18.4R2

Description: A privilege escalation issue allows a local authenticated high privileged user to access the underlying WRL host. This issue affects QFX10K Series, EX9200 Series, MX Series, and PTX Series with Next-Generation Routing Engine (NG-RE) that uses vmhost.

Recommendations: To resolve the issue for versions prior to 16.1R7-S6, update to 16.1R7-S6 or later. To resolve the issue for versions prior to 16.2R2-S11, update to 16.2R2-S11 or later. To resolve the issue for versions prior to 17.1R2-S11, 17.1R3, update to 17.1R2-S11, 17.1R3 or later. To resolve the issue for versions prior to 17.2R1-S9, 17.2R3-S3, update to 17.2R1-S9, 17.2R3-S3 or later. To resolve the issue for versions prior to 17.3R2-S5, 17.3R3-S7, update to 17.3R2-S5, 17.3R3-S7 or later. To resolve the issue for versions prior to 17.4R2-S7, 17.4R3, update to 17.4R2-S7, 17.4R3 or later. To resolve the issue for versions prior to 18.1R3-S4, update to 18.1R3-S4 or later. To resolve the issue for versions prior to 18.2R3, update to 18.2R3 or later. To resolve the issue for versions prior to 18.2X75-D50, update to 18.2X75-D50 or later. To resolve the issue for versions prior to 18.3R2, update to 18.3R2 or later. To resolve the issue for versions prior to 18.4R2, update to 18.4R2 or later.