CVE-2023-44194

13.10.2023, 00:15

An Incorrect Default Permissions vulnerability in Juniper Networks Junos OS allows an unauthenticated attacker with local access to the device to create a backdoor with root privileges. The issue is caused by improper directory permissions on a certain system directory, allowing an attacker with access to this directory to create a backdoor with root privileges.

This issue affects Juniper Networks Junos OS:



  *  All versions prior to 20.4R3-S5;
  *  21.1 versions prior to 21.1R3-S4;
  *  21.2 versions prior to 21.2R3-S4;
  *  21.3 versions prior to 21.3R3-S3;
  *  21.4 versions prior to 21.4R3-S1.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	8.4 HIGH	LOCAL	LOW	NONE	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
juniper	CNA	8.4 HIGH	LOCAL	LOW	NONE	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE	ADP	---				---
CISA-ADP	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 4%

Vendor	Product	Version
juniper	junos	𝑥 < 20.4
juniper	junos	20.4
juniper	junos	20.4:r1
juniper	junos	20.4:r1-s1
juniper	junos	20.4:r2
juniper	junos	20.4:r2-s1
juniper	junos	20.4:r2-s2
juniper	junos	20.4:r3
juniper	junos	20.4:r3-s1
juniper	junos	20.4:r3-s2
juniper	junos	20.4:r3-s3
juniper	junos	20.4:r3-s4
juniper	junos	21.1
juniper	junos	21.1:r1
juniper	junos	21.1:r1-s1
juniper	junos	21.1:r2
juniper	junos	21.1:r2-s1
juniper	junos	21.1:r2-s2
juniper	junos	21.1:r3
juniper	junos	21.1:r3-s1
juniper	junos	21.1:r3-s2
juniper	junos	21.1:r3-s3
juniper	junos	21.2
juniper	junos	21.2:r1
juniper	junos	21.2:r1-s1
juniper	junos	21.2:r1-s2
juniper	junos	21.2:r2
juniper	junos	21.2:r2-s1
juniper	junos	21.2:r2-s2
juniper	junos	21.2:r3
juniper	junos	21.2:r3-s1
juniper	junos	21.2:r3-s2
juniper	junos	21.2:r3-s3
juniper	junos	21.3
juniper	junos	21.3:r1
juniper	junos	21.3:r1-s1
juniper	junos	21.3:r1-s2
juniper	junos	21.3:r2
juniper	junos	21.3:r2-s1
juniper	junos	21.3:r2-s2
juniper	junos	21.3:r3
juniper	junos	21.3:r3-s1
juniper	junos	21.4
juniper	junos	21.4:r1
juniper	junos	21.4:r1-s1
juniper	junos	21.4:r1-s2
juniper	junos	21.4:r2
juniper	junos	21.4:r2-s1
juniper	junos	21.4:r2-s2
juniper	junos	21.4:r3

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-276 - Incorrect Default Permissions
During installation, installed file permissions are set to allow anyone to modify those files.

References

https://supportportal.juniper.net/JSA73158