A Missing Authentication for Critical Function vulnerability in command processing of Juniper Networks Junos OS allows a privileged local attacker to gain access to Linux-based line cards as root.
This issue affects systems running Junos OS using Linux-based line cards. Affected line cards include:
MPC7, MPC8, MPC9, MPC10, MPC11
LC2101, LC2103
LC480, LC4800, LC9600
MX304 (built-in FPC)
MX-SPC3
SRX5K-SPC3
EX9200-40XS
FPC3-PTX-U2, FPC3-PTX-U3
FPC3-SFF-PTX
LC1101, LC1102, LC1104, LC1105
This issue affects Junos OS:
Exploitability
AV:LAC:LAT:NPR:HUI:NVulnerable System
VC:HVI:HVA:HSubsequent System
SC:LSI:LSA:L8.4/CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/AU:N/R:A/V:C/RE:M/U:AmberAuthentication