PT-2021-12962 · Juniper Networks · Junos

Loic Restoux +1 · Published 2021-04-22 · Updated 2022-05-12 · CVE-2021-0252

CVSS v3.1: 7.8 High

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions:
- Juniper Networks Junos OS on NFX Series versions 18.1R1 through 18.2R3-S5
- Juniper Networks Junos OS on NFX Series versions 18.3 through 18.3R3-S3
- Juniper Networks Junos OS on NFX Series versions 18.4 through 18.4R3-S4
- Juniper Networks Junos OS on NFX Series versions 19.1 through 19.1R2
- Juniper Networks Junos OS on NFX Series versions 19.2 through 19.2R2

Description: The issue affects Juniper Networks Junos OS on NFX Series devices, allowing an attacker to elevate their privileges via the Junos Device Management Daemon (JDMD) process. This is a local code execution issue. The JDMD as used by Junos Node Slicing, such as External Servers and In-Chassis Junos Node Slicing on certain MX series devices, is not affected.
Recommendations: For versions 18.1R1 through 18.2R3-S5, update to version 18.2R3-S5 or later. For versions 18.3 through 18.3R3-S3, update to version 18.3R3-S3 or later. For versions 18.4 through 18.4R3-S4, update to version 18.4R3-S4 or later. For versions 19.1 through 19.1R2, update to version 19.1R2 or later. For versions 19.2 through 19.2R2, update to version 19.2R2 or later.

Exploit

Fix

Command Injection

Weakness Enumeration

Related Identifiers

CVE-2021-0252
GHSA-GR7J-26PV-5V57

Affected Products

Junos