Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2024-39520

An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved commands allows a local, authenticated attacker with low privileges to escalate their privileges to 'root' leading to a full compromise of the system.

The Junos OS Evolved CLI doesn't properly handle command options in some cases, allowing users which execute specific CLI commands with a crafted set of parameters to escalate their privileges to root on shell level.

This issue affects Junos OS Evolved:

  • All version before 20.4R3-S6-EVO, 
  • 21.2-EVO versions before 21.2R3-S4-EVO,
  • 21.4-EVO versions before 21.4R3-S6-EVO, 
  • 22.2-EVO versions before 22.2R2-S1-EVO, 22.2R3-EVO, 
  • 22.3-EVO versions before 22.3R2-EVO.
  • Published: Jul 11, 2024
  • Updated: Jul 12, 2024
  • CVE: CVE-2024-39520
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 7.8
  • AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWEs:

OWASP TOP 10:

Software From Fixed in
juniper / junos_os_evolved 20.4-r1 20.4-r1.x
juniper / junos_os_evolved 21.2-r1 21.2-r1.x
juniper / junos_os_evolved 21.2-r1-s1 21.2-r1-s1.x
juniper / junos_os_evolved 21.2-r2 21.2-r2.x
juniper / junos_os_evolved 20.4-r1-s1 20.4-r1-s1.x
juniper / junos_os_evolved 20.4-r1-s2 20.4-r1-s2.x
juniper / junos_os_evolved 20.4-r3-s2 20.4-r3-s2.x
juniper / junos_os_evolved - 20.4
juniper / junos_os_evolved 21.2-r2-s1 21.2-r2-s1.x
juniper / junos_os_evolved 21.2-r1-s2 21.2-r1-s2.x
juniper / junos_os_evolved 21.2 21.2.x
juniper / junos_os_evolved 20.4 20.4.x
juniper / junos_os_evolved 20.4-r3-s1 20.4-r3-s1.x
juniper / junos_os_evolved 20.4-r3 20.4-r3.x
juniper / junos_os_evolved 20.4-r2-s3 20.4-r2-s3.x
juniper / junos_os_evolved 20.4-r2-s2 20.4-r2-s2.x
juniper / junos_os_evolved 20.4-r2-s1 20.4-r2-s1.x
juniper / junos_os_evolved 20.4-r2 20.4-r2.x
juniper / junos_os_evolved 20.4-r3-s3 20.4-r3-s3.x
juniper / junos_os_evolved 21.4-r2 21.4-r2.x
juniper / junos_os_evolved 21.4-r2-s1 21.4-r2-s1.x
juniper / junos_os_evolved 21.4-r2-s2 21.4-r2-s2.x
juniper / junos_os_evolved 21.4-r1-s2 21.4-r1-s2.x
juniper / junos_os_evolved 20.4-r3-s4 20.4-r3-s4.x
juniper / junos_os_evolved 21.4 21.4.x
juniper / junos_os_evolved 21.2-r3-s1 21.2-r3-s1.x
juniper / junos_os_evolved 20.4-r3-s5 20.4-r3-s5.x
juniper / junos_os_evolved 21.2-r3 21.2-r3.x
juniper / junos_os_evolved 21.4-r3 21.4-r3.x
juniper / junos_os_evolved 21.2-r2-s2 21.2-r2-s2.x
juniper / junos_os_evolved 21.2-r3-s2 21.2-r3-s2.x
juniper / junos_os_evolved 21.2-r3-s3 21.2-r3-s3.x
juniper / junos_os_evolved 21.2-r3-s4 21.2-r3-s4.x
juniper / junos_os_evolved 21.4-r3-s1 21.4-r3-s1.x
juniper / junos_os_evolved 21.4-r3-s2 21.4-r3-s2.x
juniper / junos_os_evolved 21.4-r3-s3 21.4-r3-s3.x
juniper / junos_os_evolved 21.4-r1-s1 21.4-r1-s1.x
juniper / junos_os_evolved 21.4-r1 21.4-r1.x
juniper / junos_os_evolved 22.2-r1-s1 22.2-r1-s1.x
juniper / junos_os_evolved 22.2-r1 22.2-r1.x
juniper / junos_os_evolved 22.3-r1 22.3-r1.x
juniper / junos_os_evolved 22.2-r2 22.2-r2.x
juniper / junos_os_evolved 21.4-r3-s4 21.4-r3-s4.x
juniper / junos_os_evolved 21.4-r3-s5 21.4-r3-s5.x
juniper / junos_os_evolved 22.3-r1-s1 22.3-r1-s1.x
juniper / junos_os_evolved 22.3-r1-s2 22.3-r1-s2.x
juniper / junos_os_evolved 22.3 22.3.x
juniper / junos_os_evolved 22.2 22.2.x