CVE-2024-39546

Published: Jul 11, 2024Modified: Aug 8, 2025

7.0

Vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XShow less

Source: sirt@juniper.net (Secondary)

Description

A Missing Authorization vulnerability in the Socket Intercept (SI) command file interface of Juniper Networks Junos OS Evolved allows an authenticated, low-privilege local attacker to modify certain files, allowing the attacker to cause any command to execute with root privileges leading to privilege escalation ultimately compromising the system. This issue affects Junos OS Evolved: * All versions prior to 21.2R3-S8-EVO, * 21.4 versions prior to 21.4R3-S6-EVO, * 22.1 versions prior to 22.1R3-S5-EVO, * 22.2 versions prior to 22.2R3-S3-EVO, * 22.3 versions prior to 22.3R3-S3-EVO, * 22.4 versions prior to 22.4R3-EVO, * 23.2 versions prior to 23.2R2-EVO.

Affected (126)

Products: Juniper: Junos Os Evolved

Juniper

1 product

Junos Os Evolved

Configuration A

126 vulnerable

Vulnerable Software	Affected Versions
Juniper Junos Os Evolved	Version 18.3 r1
Juniper Junos Os Evolved	Version 19.1 r1
Juniper Junos Os Evolved	Version 19.1 r2
Juniper Junos Os Evolved	Version 19.2 r1
Juniper Junos Os Evolved	Version 19.2 r2
Juniper Junos Os Evolved	Version 19.3 r1
Juniper Junos Os Evolved	Version 19.3 r2
Juniper Junos Os Evolved	Version 19.4 r1-s1
Juniper Junos Os Evolved	Version 19.4 r1
Juniper Junos Os Evolved	Version 19.4 r2-s1
Juniper Junos Os Evolved	Version 19.4 r2-s2
Juniper Junos Os Evolved	Version 19.4 r2
Juniper Junos Os Evolved	Version 20.1
Juniper Junos Os Evolved	Version 20.1 r1-s1
Juniper Junos Os Evolved	Version 20.1 r1
Juniper Junos Os Evolved	Version 20.1 r2-s1
Juniper Junos Os Evolved	Version 20.1 r2-s2
Juniper Junos Os Evolved	Version 20.1 r2-s3
Juniper Junos Os Evolved	Version 20.1 r2-s4
Juniper Junos Os Evolved	Version 20.1 r2-s5
Juniper Junos Os Evolved	Version 20.1 r2
Juniper Junos Os Evolved	Version 20.1 r3
Juniper Junos Os Evolved	Version 20.2
Juniper Junos Os Evolved	Version 20.2 r1-s1
Juniper Junos Os Evolved	Version 20.2 r1
Juniper Junos Os Evolved	Version 20.2 r2-s1
Juniper Junos Os Evolved	Version 20.2 r2
Juniper Junos Os Evolved	Version 20.2 r3
Juniper Junos Os Evolved	Version 20.3
Juniper Junos Os Evolved	Version 20.3 r1-s1
Juniper Junos Os Evolved	Version 20.3 r1-s2
Juniper Junos Os Evolved	Version 20.3 r1-s3
Juniper Junos Os Evolved	Version 20.3 r1
Juniper Junos Os Evolved	Version 20.3 r2
Juniper Junos Os Evolved	Version 20.4
Juniper Junos Os Evolved	Version 20.4 r1-s1
Juniper Junos Os Evolved	Version 20.4 r1-s2
Juniper Junos Os Evolved	Version 20.4 r1
Juniper Junos Os Evolved	Version 20.4 r2-s1
Juniper Junos Os Evolved	Version 20.4 r2-s2
Juniper Junos Os Evolved	Version 20.4 r2-s3
Juniper Junos Os Evolved	Version 20.4 r2
Juniper Junos Os Evolved	Version 20.4 r3-s1
Juniper Junos Os Evolved	Version 20.4 r3-s2
Juniper Junos Os Evolved	Version 20.4 r3-s3
Juniper Junos Os Evolved	Version 20.4 r3-s4
Juniper Junos Os Evolved	Version 20.4 r3-s5
Juniper Junos Os Evolved	Version 20.4 r3-s6
Juniper Junos Os Evolved	Version 20.4 r3-s7
Juniper Junos Os Evolved	Version 20.4 r3-s8
Juniper Junos Os Evolved	Version 20.4 r3-s9
Juniper Junos Os Evolved	Version 20.4 r3
Juniper Junos Os Evolved	Version 21.1
Juniper Junos Os Evolved	Version 21.1 r1-s1
Juniper Junos Os Evolved	Version 21.1 r1
Juniper Junos Os Evolved	Version 21.1 r2
Juniper Junos Os Evolved	Version 21.1 r3-s1
Juniper Junos Os Evolved	Version 21.1 r3-s2
Juniper Junos Os Evolved	Version 21.1 r3-s3
Juniper Junos Os Evolved	Version 21.1 r3
Juniper Junos Os Evolved	Version 21.2
Juniper Junos Os Evolved	Version 21.2 r1-s1
Juniper Junos Os Evolved	Version 21.2 r1-s2
Juniper Junos Os Evolved	Version 21.2 r1
Juniper Junos Os Evolved	Version 21.2 r2-s1
Juniper Junos Os Evolved	Version 21.2 r2-s2
Juniper Junos Os Evolved	Version 21.2 r2
Juniper Junos Os Evolved	Version 21.2 r3-s1
Juniper Junos Os Evolved	Version 21.2 r3-s2
Juniper Junos Os Evolved	Version 21.2 r3-s3
Juniper Junos Os Evolved	Version 21.2 r3-s4
Juniper Junos Os Evolved	Version 21.2 r3-s5
Juniper Junos Os Evolved	Version 21.2 r3-s6
Juniper Junos Os Evolved	Version 21.2 r3-s7
Juniper Junos Os Evolved	Version 21.2 r3
Juniper Junos Os Evolved	Version 21.4
Juniper Junos Os Evolved	Version 21.4 r1-s1
Juniper Junos Os Evolved	Version 21.4 r1-s2
Juniper Junos Os Evolved	Version 21.4 r1
Juniper Junos Os Evolved	Version 21.4 r2-s1
Juniper Junos Os Evolved	Version 21.4 r2-s2
Juniper Junos Os Evolved	Version 21.4 r2
Juniper Junos Os Evolved	Version 21.4 r3-s1
Juniper Junos Os Evolved	Version 21.4 r3-s2
Juniper Junos Os Evolved	Version 21.4 r3-s3
Juniper Junos Os Evolved	Version 21.4 r3-s4
Juniper Junos Os Evolved	Version 21.4 r3-s5
Juniper Junos Os Evolved	Version 22.1
Juniper Junos Os Evolved	Version 22.1 r1-s1
Juniper Junos Os Evolved	Version 22.1 r1-s2
Juniper Junos Os Evolved	Version 22.1 r1
Juniper Junos Os Evolved	Version 22.1 r2-s1
Juniper Junos Os Evolved	Version 22.1 r2
Juniper Junos Os Evolved	Version 22.1 r3-s1
Juniper Junos Os Evolved	Version 22.1 r3-s2
Juniper Junos Os Evolved	Version 22.1 r3-s3
Juniper Junos Os Evolved	Version 22.1 r3-s4
Juniper Junos Os Evolved	Version 22.2
Juniper Junos Os Evolved	Version 22.2 r1-s1
Juniper Junos Os Evolved	Version 22.2 r1-s2
Juniper Junos Os Evolved	Version 22.2 r1
Juniper Junos Os Evolved	Version 22.2 r2-s1
Juniper Junos Os Evolved	Version 22.2 r2-s2
Juniper Junos Os Evolved	Version 22.2 r2
Juniper Junos Os Evolved	Version 22.2 r3-s1
Juniper Junos Os Evolved	Version 22.2 r3-s2
Juniper Junos Os Evolved	Version 22.3
Juniper Junos Os Evolved	Version 22.3 r1-s1
Juniper Junos Os Evolved	Version 22.3 r1-s2
Juniper Junos Os Evolved	Version 22.3 r1
Juniper Junos Os Evolved	Version 22.3 r2-s1
Juniper Junos Os Evolved	Version 22.3 r2-s2
Juniper Junos Os Evolved	Version 22.3 r2
Juniper Junos Os Evolved	Version 22.3 r3-s1
Juniper Junos Os Evolved	Version 22.3 r3-s2
Juniper Junos Os Evolved	Version 22.4
Juniper Junos Os Evolved	Version 22.4 r1-s1
Juniper Junos Os Evolved	Version 22.4 r1-s2
Juniper Junos Os Evolved	Version 22.4 r1
Juniper Junos Os Evolved	Version 22.4 r2-s1
Juniper Junos Os Evolved	Version 22.4 r2-s2
Juniper Junos Os Evolved	Version 22.4 r2
Juniper Junos Os Evolved	Version 23.2
Juniper Junos Os Evolved	Version 23.2 r1-s1
Juniper Junos Os Evolved	Version 23.2 r1-s2
Juniper Junos Os Evolved	Version 23.2 r1

Related CWEs

CWE-862

Missing Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

References (2)

https://supportportal.juniper.net/JSA83008

Source: sirt@juniper.net

Vendor Advisory

https://supportportal.juniper.net/JSA83008

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.