{"containers": {"cna": {"affected": [{"product": "Junos OS", "vendor": "Juniper Networks", "versions": [{"lessThan": "18.4R1", "status": "unaffected", "version": "unspecified", "versionType": "custom"}, {"lessThan": "18.4R1-S8, 18.4R2-S8, 18.4R3-S8", "status": "affected", "version": "18.4", "versionType": "custom"}, {"lessThan": "19.1R2-S3, 19.1R3-S5", "status": "affected", "version": "19.1", "versionType": "custom"}, {"lessThan": "19.2R1-S7, 19.2R3-S2", "status": "affected", "version": "19.2", "versionType": "custom"}, {"lessThan": "19.3R2-S6, 19.3R3-S2", "status": "affected", "version": "19.3", "versionType": "custom"}, {"lessThan": "19.4R1-S4, 19.4R2-S4, 19.4R3-S3", "status": "affected", "version": "19.4", "versionType": "custom"}, {"lessThan": "20.1R2-S2, 20.1R3", "status": "affected", "version": "20.1", "versionType": "custom"}, {"lessThan": "20.2R2-S3, 20.2R3", "status": "affected", "version": "20.2", "versionType": "custom"}, {"lessThan": "20.3R2-S1, 20.3R3", "status": "affected", "version": "20.3", "versionType": "custom"}, {"lessThan": "20.4R2", "status": "affected", "version": "20.4", "versionType": "custom"}]}, {"product": "Junos OS Evolved", "vendor": "Juniper Networks", "versions": [{"lessThan": "20.4R2-EVO", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"lessThan": "21.1R2-EVO", "status": "affected", "version": "21.1-EVO", "versionType": "custom"}]}], "configurations": [{"lang": "en", "value": "The following is an example of enabling gRPC in Junos:\n\n set system services extension-service request-response grpc ssl"}], "datePublic": "2021-10-13T00:00:00", "descriptions": [{"lang": "en", "value": "An Improper Privilege Management vulnerability in the gRPC framework, used by the Juniper Extension Toolkit (JET) API on Juniper Networks Junos OS and Junos OS Evolved, allows a network-based, low-privileged authenticated attacker to perform operations as root, leading to complete compromise of the targeted system. The issue is caused by the JET service daemon (jsd) process authenticating the user, then passing configuration operations directly to the management daemon (mgd) process, which runs as root. This issue affects Juniper Networks Junos OS: 18.4 versions prior to 18.4R1-S8, 18.4R2-S8, 18.4R3-S8; 19.1 versions prior to 19.1R2-S3, 19.1R3-S5; 19.2 versions prior to 19.2R1-S7, 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S3; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R2-S3, 20.2R3; 20.3 versions prior to 20.3R2-S1, 20.3R3; 20.4 versions prior to 20.4R2. This issue does not affect Juniper Networks Junos OS versions prior to 18.4R1. Juniper Networks Junos OS Evolved: All versions prior to 20.4R2-EVO; 21.1-EVO versions prior to 21.1R2-EVO."}], "exploits": [{"lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-269", "description": "CWE-269 Improper Privilege Management", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-10-19T18:16:30", "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://kb.juniper.net/JSA11215"}], "solutions": [{"lang": "en", "value": "The following software releases have been updated to resolve this specific issue: \n\nJunos OS 18.4R1-S8, 18.4R2-S8, 18.4R3-S8, 19.1R2-S3, 19.1R3-S5, 19.2R1-S7, 19.2R3-S2, 19.3R2-S6, 19.3R3-S2, 19.4R1-S4, 19.4R2-S4, 19.4R3-S3, 20.1R2-S2, 20.1R3, 20.2R2-S3, 20.2R3, 20.3R2-S1, 20.3R3, 20.4R2, 21.1R1, and all subsequent releases.\n\nJunos OS Evolved 20.4R2-EVO, 21.1R2-EVO, 21.2R1-EVO, and all subsequent releases."}], "source": {"advisory": "JSA11215", "defect": ["1578302"], "discovery": "INTERNAL"}, "title": "Junos OS and Junos OS Evolved: Privilege escalation vulnerability in Juniper Extension Toolkit (JET)", "workarounds": [{"lang": "en", "value": "Use access lists or firewall filters to limit access to the device via gRPC only from trusted hosts and from trusted administrators"}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "sirt@juniper.net", "DATE_PUBLIC": "2021-10-13T16:00:00.000Z", "ID": "CVE-2021-31350", "STATE": "PUBLIC", "TITLE": "Junos OS and Junos OS Evolved: Privilege escalation vulnerability in Juniper Extension Toolkit (JET)"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Junos OS", "version": {"version_data": [{"version_affected": "<", "version_name": "18.4", "version_value": "18.4R1-S8, 18.4R2-S8, 18.4R3-S8"}, {"version_affected": "<", "version_name": "19.1", "version_value": "19.1R2-S3, 19.1R3-S5"}, {"version_affected": "<", "version_name": "19.2", "version_value": "19.2R1-S7, 19.2R3-S2"}, {"version_affected": "<", "version_name": "19.3", "version_value": "19.3R2-S6, 19.3R3-S2"}, {"version_affected": "<", "version_name": "19.4", "version_value": "19.4R1-S4, 19.4R2-S4, 19.4R3-S3"}, {"version_affected": "<", "version_name": "20.1", "version_value": "20.1R2-S2, 20.1R3"}, {"version_affected": "<", "version_name": "20.2", "version_value": "20.2R2-S3, 20.2R3"}, {"version_affected": "<", "version_name": "20.3", "version_value": "20.3R2-S1, 20.3R3"}, {"version_affected": "<", "version_name": "20.4", "version_value": "20.4R2"}, {"version_affected": "!<", "version_value": "18.4R1"}]}}, {"product_name": "Junos OS Evolved", "version": {"version_data": [{"version_affected": "<", "version_value": "20.4R2-EVO"}, {"version_affected": "<", "version_name": "21.1-EVO", "version_value": "21.1R2-EVO"}]}}]}, "vendor_name": "Juniper Networks"}]}}, "configuration": [{"lang": "en", "value": "The following is an example of enabling gRPC in Junos:\n\n set system services extension-service request-response grpc ssl"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An Improper Privilege Management vulnerability in the gRPC framework, used by the Juniper Extension Toolkit (JET) API on Juniper Networks Junos OS and Junos OS Evolved, allows a network-based, low-privileged authenticated attacker to perform operations as root, leading to complete compromise of the targeted system. The issue is caused by the JET service daemon (jsd) process authenticating the user, then passing configuration operations directly to the management daemon (mgd) process, which runs as root. This issue affects Juniper Networks Junos OS: 18.4 versions prior to 18.4R1-S8, 18.4R2-S8, 18.4R3-S8; 19.1 versions prior to 19.1R2-S3, 19.1R3-S5; 19.2 versions prior to 19.2R1-S7, 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S3; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R2-S3, 20.2R3; 20.3 versions prior to 20.3R2-S1, 20.3R3; 20.4 versions prior to 20.4R2. This issue does not affect Juniper Networks Junos OS versions prior to 18.4R1. Juniper Networks Junos OS Evolved: All versions prior to 20.4R2-EVO; 21.1-EVO versions prior to 21.1R2-EVO."}]}, "exploit": [{"lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-269 Improper Privilege Management"}]}]}, "references": {"reference_data": [{"name": "https://kb.juniper.net/JSA11215", "refsource": "CONFIRM", "url": "https://kb.juniper.net/JSA11215"}]}, "solution": [{"lang": "en", "value": "The following software releases have been updated to resolve this specific issue: \n\nJunos OS 18.4R1-S8, 18.4R2-S8, 18.4R3-S8, 19.1R2-S3, 19.1R3-S5, 19.2R1-S7, 19.2R3-S2, 19.3R2-S6, 19.3R3-S2, 19.4R1-S4, 19.4R2-S4, 19.4R3-S3, 20.1R2-S2, 20.1R3, 20.2R2-S3, 20.2R3, 20.3R2-S1, 20.3R3, 20.4R2, 21.1R1, and all subsequent releases.\n\nJunos OS Evolved 20.4R2-EVO, 21.1R2-EVO, 21.2R1-EVO, and all subsequent releases."}], "source": {"advisory": "JSA11215", "defect": ["1578302"], "discovery": "INTERNAL"}, "work_around": [{"lang": "en", "value": "Use access lists or firewall filters to limit access to the device via gRPC only from trusted hosts and from trusted administrators"}]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T22:55:53.551Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://kb.juniper.net/JSA11215"}]}]}, "cveMetadata": {"assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "assignerShortName": "juniper", "cveId": "CVE-2021-31350", "datePublished": "2021-10-19T18:16:30.117409Z", "dateReserved": "2021-04-15T00:00:00", "dateUpdated": "2024-09-16T18:49:28.144Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:18.4:-:*:*:*:*:*:*", "matchCriteriaId": "74CA9010-D3DE-487B-B46F-589A48AB0F0A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.4:r1:*:*:*:*:*:*", "matchCriteriaId": "A38F224C-8E9B-44F3-9D4F-6C9F04F57927", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "853F146A-9A0F-49B6-AFD2-9907434212F1", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "8F73B88B-E66C-4ACD-B38D-9365FB230ABA", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s3:*:*:*:*:*:*", "matchCriteriaId": "EE1F82EC-3222-4158-8923-59CDA1909A9C", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s4:*:*:*:*:*:*", "matchCriteriaId": "8FE95D15-B5E5-4E74-9464-C72D8B646A6B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s5:*:*:*:*:*:*", "matchCriteriaId": "C012CD07-706A-4E1C-B399-C55AEF5C8309", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s6:*:*:*:*:*:*", "matchCriteriaId": "A0C26E59-874A-4D87-9E7F-E366F4D65ED1", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s7:*:*:*:*:*:*", "matchCriteriaId": "75902119-60D0-49F8-8E01-666E0F75935A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.4:r2-s8:*:*:*:*:*:*", "matchCriteriaId": "924C4EAC-2A52-45A9-BE0F-B62F070C3E3D", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:18.4:r3-s8:*:*:*:*:*:*", "matchCriteriaId": "44C4BE2C-814F-49AA-8B64-17245FC01270", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.1:-:*:*:*:*:*:*", "matchCriteriaId": "768C0EB7-8456-4BF4-8598-3401A54D21DA", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.1:r1:*:*:*:*:*:*", "matchCriteriaId": "5332B70A-F6B0-4C3B-90E2-5CBFB3326126", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.1:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "81439FE8-5405-45C2-BC04-9823D2009A77", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.1:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "E506138D-043E-485D-B485-94A2AB75F8E7", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.1:r1-s3:*:*:*:*:*:*", "matchCriteriaId": "0EF3C901-3599-463F-BEFB-8858768DC195", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.1:r1-s4:*:*:*:*:*:*", "matchCriteriaId": "CD806778-A995-4A9B-9C05-F4D7B1CB1F7D", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.1:r1-s5:*:*:*:*:*:*", "matchCriteriaId": "02B42BE8-1EF2-47F7-9F10-DE486A017EED", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.1:r1-s6:*:*:*:*:*:*", "matchCriteriaId": "0B372356-D146-420B-95C3-381D0383B595", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.1:r2:*:*:*:*:*:*", "matchCriteriaId": "DCAB79C9-6639-4ED0-BEC9-E7C8229DF977", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.1:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "C8CF858F-84BB-4AEA-B829-FCF22C326160", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.1:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "92292C23-DC38-42F1-97C1-8416BBB60FA9", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.1:r3-s5:*:*:*:*:*:*", "matchCriteriaId": "8120EAC3-DCCB-4429-A372-C0DAA3270A1F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:-:*:*:*:*:*:*", "matchCriteriaId": "0E7545CE-6300-4E81-B5AF-2BE150C1B190", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:r1:*:*:*:*:*:*", "matchCriteriaId": "4CA3060F-1800-4A06-A453-FB8CE4B65312", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "9A5B337A-727C-4767-AD7B-E0F7F99EB46F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "16FDE60B-7A99-4683-BC14-530B5B005F8B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:r1-s3:*:*:*:*:*:*", "matchCriteriaId": "725D8C27-E4F8-4394-B4EC-B49B6D3C2709", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:r1-s4:*:*:*:*:*:*", "matchCriteriaId": "8233C3AB-470E-4D13-9BFD-C9E90918FD0B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:r1-s5:*:*:*:*:*:*", "matchCriteriaId": "5F7A233A-D4F6-46FA-92E9-2ACE13E4A6A4", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:r1-s6:*:*:*:*:*:*", "matchCriteriaId": "ADCE4EA8-DDBA-4766-BB81-E4DA29723723", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:r3-s2:*:*:*:*:*:*", "matchCriteriaId": "920FE638-BDE6-403D-9083-2BDBF6A3326F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.3:-:*:*:*:*:*:*", "matchCriteriaId": "59006503-B2CA-4F79-AC13-7C5615A74CE5", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.3:r1:*:*:*:*:*:*", "matchCriteriaId": "B8110DA9-54B1-43CF-AACB-76EABE0C9EF6", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.3:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "11B5CC5A-1959-4113-BFCF-E4BA63D918C1", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.3:r2:*:*:*:*:*:*", "matchCriteriaId": "33F08A33-EF80-4D86-9A9A-9DF147B9B6D3", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.3:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "AF24ACBD-5F84-47B2-BFF3-E9A56666269C", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.3:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "3935A586-41BD-4FA5-9596-DED6F0864777", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.3:r2-s3:*:*:*:*:*:*", "matchCriteriaId": "B83FB539-BD7C-4BEE-9022-098F73902F38", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.3:r2-s4:*:*:*:*:*:*", "matchCriteriaId": "7659AC36-A5EA-468A-9793-C1EC914D36F4", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.3:r2-s5:*:*:*:*:*:*", "matchCriteriaId": "E0E018E1-568E-40F2-ADA5-F71509811879", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.3:r3-s2:*:*:*:*:*:*", "matchCriteriaId": "D3FEA876-302D-4F07-94E6-237C669538F2", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r1:*:*:*:*:*:*", "matchCriteriaId": "DC743EE4-8833-452A-94DB-655BF139F883", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "FE96A8EA-FFE3-4D8F-9266-21899149D634", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "C12A75C6-2D00-4202-B861-00FF71585FA0", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r1-s3:*:*:*:*:*:*", "matchCriteriaId": "70FF3DD4-14CB-435D-8529-0480EB853F60", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r2-s4:*:*:*:*:*:*", "matchCriteriaId": "760E2418-B945-4467-BDAC-7702DDF4C4EE", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r3-s3:*:*:*:*:*:*", "matchCriteriaId": "0886EFA6-47E3-4C1D-A278-D3891A487FED", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r1:*:*:*:*:*:*", "matchCriteriaId": "8328FDE6-9707-4142-B905-3B07C0E28E35", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "41CD982F-E6F2-4951-9F96-A76C142DF08E", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "19FDC05F-5582-4F7E-B628-E58A3C0E7F2F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s3:*:*:*:*:*:*", "matchCriteriaId": "401306D1-E9CE-49C6-8DC9-0E8747B9DC2C", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s4:*:*:*:*:*:*", "matchCriteriaId": "615EAF48-AD53-4CC2-B233-5EA5C0F72CB1", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r2:*:*:*:*:*:*", "matchCriteriaId": "DC8E7547-6649-436D-BC45-184417680C72", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "D9789FF8-D55C-4AF9-A250-E543A0EB826F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.1:r3:*:*:*:*:*:*", "matchCriteriaId": "C21638A9-6AD8-4347-AA3F-64BC7BD71C0D", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r1:*:*:*:*:*:*", "matchCriteriaId": "CD07B7E2-F5C2-4610-9133-FDA9E66DFF4F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "D3C23AEB-34DE-44FB-8D64-E69D6E8B7401", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "18DB9401-5A51-4BB3-AC2F-58F58F1C788C", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s3:*:*:*:*:*:*", "matchCriteriaId": "06F53DA5-59AE-403C-9B1E-41CE267D8BB1", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r2:*:*:*:*:*:*", "matchCriteriaId": "3332262F-81DA-4D78-99C9-514CADA46611", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "B46B63A2-1518-4A29-940C-F05624C9658D", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "8E0D4959-3865-42A7-98CD-1103EBD84528", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r3:*:*:*:*:*:*", "matchCriteriaId": "681AE183-7183-46E7-82EA-28C398FA1C3D", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:r1:*:*:*:*:*:*", "matchCriteriaId": "5C9BC697-C7C9-447D-9EBD-E9711462583E", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "7B80433B-57B1-49EF-B1A1-83781D6102E3", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:r2:*:*:*:*:*:*", "matchCriteriaId": "05D8427C-CDDE-4B2F-9CB8-41B9137660E4", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.3:r3:*:*:*:*:*:*", "matchCriteriaId": "7DA0E196-925E-4056-B411-E158702D5D4F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:*", "matchCriteriaId": "20DDC6B7-BFC4-4F0B-8E68-442C23765BF2", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "037BA01C-3F5C-4503-A633-71765E9EF774", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:18.3:r1:*:*:*:*:*:*", "matchCriteriaId": "7E72627C-4793-4F22-B769-A3FFB77E7DE1", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:19.1:r1:*:*:*:*:*:*", "matchCriteriaId": "2C3245C5-9EE1-490C-B7C7-5C02F155DDD8", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:19.1:r2:*:*:*:*:*:*", "matchCriteriaId": "01A9BD92-5865-455D-9585-098DCFCC24DD", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:19.2:r1:*:*:*:*:*:*", "matchCriteriaId": "914D6984-1820-483B-AEB9-2C5257B5E900", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:19.2:r2:*:*:*:*:*:*", "matchCriteriaId": "14C57D33-01BB-4190-B787-F5BDACE82AFD", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:19.3:r1:*:*:*:*:*:*", "matchCriteriaId": "6480A5C9-3280-40C5-BC08-509555F28363", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:19.3:r2:*:*:*:*:*:*", "matchCriteriaId": "2D3C2D74-AF22-4BED-A0C5-089B5507D275", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:19.4:r1:*:*:*:*:*:*", "matchCriteriaId": "83447F3F-79A3-41DF-8FD1-31DCFCBE40A4", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:19.4:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "1699821F-FBC6-4EB9-94E5-96AF1E4E4FDE", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.1:r1:*:*:*:*:*:*", "matchCriteriaId": "F64FBB4B-7CBF-499B-A523-804857DEFAFA", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.1:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "EEBE159F-5D94-4C18-B922-331586BEA2CA", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.1:r2:*:*:*:*:*:*", "matchCriteriaId": "A38EBFC9-ECBD-4362-82B2-04C02009E85C", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.1:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "0DF7C3A8-1279-4F38-9548-85AC7D6290FD", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.1:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "50D38F97-81B0-4952-A1E3-0A9AA4D34820", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.2:r1:*:*:*:*:*:*", "matchCriteriaId": "FCA8D4D2-D49D-4F91-95E2-2A0E8599338A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.2:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "FF37C911-1904-475A-86F7-F92F34A1A88F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.2:r2:*:*:*:*:*:*", "matchCriteriaId": "DDFFE53D-202D-4396-A470-0A09F3320375", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.3:r1:*:*:*:*:*:*", "matchCriteriaId": "4AFB91E3-CAAC-429F-A869-DDD40FB0F84D", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.3:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "0A9CA997-2DDA-4808-B2AE-8804FEB798B2", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.3:r2:*:*:*:*:*:*", "matchCriteriaId": "423843B3-B2BE-427B-B625-4E3146D26390", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:20.4:r1:*:*:*:*:*:*", "matchCriteriaId": "C9C8866D-162F-4C9B-8167-2FBA25410368", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.1:*:*:*:*:*:*:*", "matchCriteriaId": "734DE5D8-198D-41C5-9320-F704FE664591", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos_os_evolved:21.1:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "0099BDA9-9D4B-4D6C-8234-EFD9E8C63476", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An Improper Privilege Management vulnerability in the gRPC framework, used by the Juniper Extension Toolkit (JET) API on Juniper Networks Junos OS and Junos OS Evolved, allows a network-based, low-privileged authenticated attacker to perform operations as root, leading to complete compromise of the targeted system. The issue is caused by the JET service daemon (jsd) process authenticating the user, then passing configuration operations directly to the management daemon (mgd) process, which runs as root. This issue affects Juniper Networks Junos OS: 18.4 versions prior to 18.4R1-S8, 18.4R2-S8, 18.4R3-S8; 19.1 versions prior to 19.1R2-S3, 19.1R3-S5; 19.2 versions prior to 19.2R1-S7, 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S3; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R2-S3, 20.2R3; 20.3 versions prior to 20.3R2-S1, 20.3R3; 20.4 versions prior to 20.4R2. This issue does not affect Juniper Networks Junos OS versions prior to 18.4R1. Juniper Networks Junos OS Evolved: All versions prior to 20.4R2-EVO; 21.1-EVO versions prior to 21.1R2-EVO."}, {"lang": "es", "value": "Una vulnerabilidad de administraci\u00f3n de privilegios inapropiada en el marco gRPC, usado por la API de Juniper Extension Toolkit (JET) en Juniper Networks Junos OS y Junos OS Evolved, permite a un atacante autenticado poco privilegiado basado en la red llevar a cabo operaciones como root, conllevando a un compromiso completo del sistema objetivo. El problema est\u00e1 causado por el proceso del demonio de servicio JET (jsd) autenticando al usuario y luego pasa las operaciones de configuraci\u00f3n directamente al proceso del demonio de administraci\u00f3n (mgd), que se ejecuta como root. Este problema afecta a Juniper Networks Junos OS versiones: versiones 18.4 anteriores a 18.4R1-S8, 18.4R2-S8, 18.4R3-S8; versiones 19.1 anteriores a 19.1R2-S3, 19.1R3-S5; versiones 19.2 anteriores a 19.2R1-S7, 19.2R3-S2; versiones 19.3 anteriores a 19.3R2-S6, 19.3R3-S2; 19. 4 versiones anteriores a 19.4R1-S4, 19.4R2-S4, 19.4R3-S3; versiones 20.1 anteriores a 20.1R2-S2, 20.1R3; versiones 20.2 anteriores a 20.2R2-S3, 20.2R3; versiones 20.3 anteriores a 20.3R2-S1, 20.3R3; versiones 20.4 anteriores a 20.4R2. Este problema no afecta a las versiones de Juniper Networks Junos OS anteriores a 18.4R1. Juniper Networks Junos OS Evolved: Todas las versiones anteriores a 20.4R2-EVO; versiones 21.1-EVO anteriores a 21.1R2-EVO"}], "id": "CVE-2021-31350", "lastModified": "2021-10-25T12:58:38.770", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 5.9, "source": "sirt@juniper.net", "type": "Secondary"}]}, "published": "2021-10-19T19:15:08.537", "references": [{"source": "sirt@juniper.net", "tags": ["Patch", "Vendor Advisory"], "url": "https://kb.juniper.net/JSA11215"}], "sourceIdentifier": "sirt@juniper.net", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-269"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-269"}], "source": "sirt@juniper.net", "type": "Secondary"}]}

{}