CVE-2021-0204

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS versions prior to 15.1R7-S8 Juniper Networks Junos OS 15.1X49 versions prior to 15.1X49-D230 Juniper Networks Junos OS 17.3 versions prior to 17.3R3-S9 Juniper Networks Junos OS 17.4 versions prior to 17.4R2-S12, 17.4R3-S3 Juniper Networks Junos OS 18.1 versions prior to 18.1R3-S11 Juniper Networks Junos OS 18.2 versions prior to 18.2R3-S6 Juniper Networks Junos OS 18.2X75 versions prior to 18.2X75-D34 Juniper Networks Junos OS 18.3 versions prior to 18.3R3-S4 Juniper Networks Junos OS 18.4 versions prior to 18.4R2-S7, 18.4R3-S6 Juniper Networks Junos OS 19.1 versions prior to 19.1R1-S6, 19.1R2-S2, 19.1R3-S3 Juniper Networks Junos OS 19.2 versions prior to 19.2R1-S5, 19.2R3-S1 Juniper Networks Junos OS 19.3 versions prior to 19.3R2-S5, 19.3R3-S1 Juniper Networks Junos OS 19.4 versions prior to 19.4R1-S3, 19.4R2-S2, 19.4R3-S1 Juniper Networks Junos OS 20.1 versions prior to 20.1R1-S4, 20.1R2 Juniper Networks Junos OS 20.2 versions prior to 20.2R1-S2, 20.2R2

Description A sensitive information disclosure vulnerability in the delta-export configuration utility (dexp) of Juniper Networks Junos OS may allow a locally authenticated shell user to create and read database files generated by the dexp utility, including password hashes of local users. Since dexp is shipped with setuid permissions enabled and is owned by the root user, this vulnerability may allow a local privileged user to run dexp with root privileges and access sensitive information in the dexp database.

Recommendations For Juniper Networks Junos OS versions prior to 15.1R7-S8, update to version 15.1R7-S8 or later. For Juniper Networks Junos OS 15.1X49 versions prior to 15.1X49-D230, update to version 15.1X49-D230 or later. For Juniper Networks Junos OS 17.3 versions prior to 17.3R3-S9, update to version 17.3R3-S9 or later. For Juniper Networks Junos OS 17.4 versions prior to 17.4R2-S12, 17.4R3-S3, update to version 17.4R2-S12, 17.4R3-S3 or later. For Juniper Networks Junos OS 18.1 versions prior to 18.1R3-S11, update to version 18.1R3-S11 or later. For Juniper Networks Junos OS 18.2 versions prior to 18.2R3-S6, update to version 18.2R3-S6 or later. For Juniper Networks Junos OS 18.2X75 versions prior to 18.2X75-D34, update to version 18.2X75-D34 or later. For Juniper Networks Junos OS 18.3 versions prior to 18.3R3-S4, update to version 18.3R3-S4 or later. For Juniper Networks Junos OS 18.4 versions prior to 18.4R2-S7, 18.4R3-S6, update to version 18.4R2-S7, 18.4R3-S6 or later. For Juniper Networks Junos OS 19.1 versions prior to 19.1R1-S6, 19.1R2-S2, 19.1R3-S3, update to version 19.1R1-S6, 19.1R2-S2, 19.1R3-S3 or later. For Juniper Networks Junos OS 19.2 versions prior to 19.2R1-S5, 19.2R3-S1, update to version 19.2R1-S5, 19.2R3-S1 or later. For Juniper Networks Junos OS 19.3 versions prior to 19.3R2-S5, 19.3R3-S1, update to version 19.3R2-S5, 19.3R3-S1 or later. For Juniper Networks Junos OS 19.4 versions prior to 19.4R1-S3, 19.4R2-S2, 19.4R3-S1, update to version 19.4R1-S3, 19.4R2-S2, 19.4R3-S1 or later. For Juniper Networks Junos OS 20.1 versions prior to 20.1R1-S4, 20.1R2, update to version 20.1R1-S4, 20.1R2 or later. For Juniper Networks Junos OS 20.2 versions prior to 20.2R1-S2, 20.2R2, update to version 20.2R1-S2, 20.2R2 or later.