CVE-2021-0278

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS versions 19.3R1 and above prior to 19.3R2-S6, 19.3R3-S3 Juniper Networks Junos OS versions 19.4 prior to 19.4R3-S5 Juniper Networks Junos OS versions 20.1 prior to 20.1R2-S2, 20.1R3-S1 Juniper Networks Junos OS versions 20.2 prior to 20.2R3-S2 Juniper Networks Junos OS versions 20.3 prior to 20.3R3 Juniper Networks Junos OS versions 20.4 prior to 20.4R2-S1, 20.4R3 Juniper Networks Junos OS versions 21.1 prior to 21.1R1-S1, 21.1R2

Description An Improper Input Validation vulnerability in J-Web of Juniper Networks Junos OS allows a locally authenticated attacker to escalate their privileges to root over the target device. This issue exists due to insufficient input validation in the J-Web interface, which can be exploited by a remote attacker to gain elevated privileges.

Recommendations For Juniper Networks Junos OS versions 19.3R1 and above prior to 19.3R2-S6, 19.3R3-S3, update to version 19.3R2-S6 or 19.3R3-S3 or later. For Juniper Networks Junos OS versions 19.4 prior to 19.4R3-S5, update to version 19.4R3-S5 or later. For Juniper Networks Junos OS versions 20.1 prior to 20.1R2-S2, 20.1R3-S1, update to version 20.1R2-S2 or 20.1R3-S1 or later. For Juniper Networks Junos OS versions 20.2 prior to 20.2R3-S2, update to version 20.2R3-S2 or later. For Juniper Networks Junos OS versions 20.3 prior to 20.3R3, update to version 20.3R3 or later. For Juniper Networks Junos OS versions 20.4 prior to 20.4R2-S1, 20.4R3, update to version 20.4R2-S1 or 20.4R3 or later. For Juniper Networks Junos OS versions 21.1 prior to 21.1R1-S1, 21.1R2, update to version 21.1R1-S1 or 21.1R2 or later. As a temporary workaround, consider restricting access to the J-Web interface until a patch is available.