VDB

CVE-2021-0278

CVE-2021-0278 PUBLISHED CVSS 8.800000190734863 HIGH

An Improper Input Validation vulnerability in J-Web of Juniper Networks Junos OS allows a locally authenticated attacker to escalate their privileges to root over the target device. junos:18.3R3-S5 junos:18.4R3-S9 junos:19.1R3-S6 junos:19.3R2-S6 junos:19.3R3-S3 junos:19.4R1-S4 junos:19.4R3-S4 junos:20.1R2-S2 junos:20.1R3 junos:20.2R3-S1 junos:20.3X75-D20 junos:20.3X75-D30 junos:20.4R2-S1 junos:20.4R3 junos:21.1R1-S1 junos:21.1R2 junos:21.2R1 junos:21.3R1 This issue affects: Juniper Networks Junos OS 19.3 versions 19.3R1 and above prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R3-S5; 20.1 versions prior to 20.1R2-S2, 20.1R3-S1; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R2-S1, 20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2. This issue does not affect Juniper Networks Junos OS versions prior to 19.3R1.

EPSS 0.17% · 37.6th percentile

Risk Scores

CVSS 3.1
8.800000190734863
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.17%
37.6th percentile

Affected Products

VendorProductVersions
Juniper NetworksJunos OSunspecified, 19.3R1, 20.3
juniperjunos19.3, 19.3, 19.4

Timeline

  • Jul 15, 2021 CVE Published
  • Jul 16, 2021 EPSS Score
  • Sep 14, 2021 EPSS Score
  • Nov 12, 2021 EPSS Score
  • Jan 6, 2022 EPSS Score
  • Feb 4, 2022 EPSS Score
  • Mar 11, 2022 EPSS Score
  • Apr 1, 2022 EPSS Score
  • May 10, 2022 EPSS Score
  • Jul 9, 2022 EPSS Score
  • Sep 7, 2022 EPSS Score
  • Nov 6, 2022 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›