CVE-2023-28973

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS Evolved versions prior to 20.4R3-S5-EVO Juniper Networks Junos OS Evolved 21.2 versions prior to 21.2R3-EVO Juniper Networks Junos OS Evolved 21.3 versions prior to 21.3R2-EVO Juniper Networks Junos OS Evolved 21.4 versions prior to 21.4R1-S2-EVO, 21.4R2-EVO

Description An Improper Authorization issue in the sysmanctl shell command allows a local, authenticated attacker to execute administrative commands, potentially impacting system integrity or availability. Administrative functions such as daemon restarting, routing engine (RE) switchover, and node shutdown can be performed through exploitation of the sysmanctl command. Access to the sysmanctl command is only available from the Junos shell, with no direct or indirect access from the Junos CLI.

Recommendations For Juniper Networks Junos OS Evolved versions prior to 20.4R3-S5-EVO, update to version 20.4R3-S5-EVO or later. For Juniper Networks Junos OS Evolved 21.2 versions prior to 21.2R3-EVO, update to version 21.2R3-EVO or later. For Juniper Networks Junos OS Evolved 21.3 versions prior to 21.3R2-EVO, update to version 21.3R2-EVO or later. For Juniper Networks Junos OS Evolved 21.4 versions prior to 21.4R1-S2-EVO, 21.4R2-EVO, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to the sysmanctl command to minimize the risk of exploitation.