CVE-2024-47495

Severity CVSS v4.0:
HIGH
Type:
Unavailable / Other
Publication date:
11/10/2024
Last modified:
15/10/2024

Description

An Authorization Bypass Through User-Controlled Key vulnerability allows a locally authenticated attacker with shell access to gain full control of the device when Dual Routing Engines (REs) are in use on Juniper Networks Junos OS Evolved devices.<br /> <br /> This issue affects:<br /> Juniper Networks Junos OS Evolved with dual-REs:<br /> * All versions before 21.2R3-S8-EVO,<br /> * from 21.4-EVO before 21.4R3-S8-EVO,<br /> * from 22.2-EVO before 22.2R3-S4-EVO,<br /> * from 22.3-EVO before 22.3R3-S4-EVO,<br /> * from 22.4-EVO before 22.4R3-S3-EVO,<br /> * from 23.2-EVO before 23.2R2-S1-EVO,<br /> * from 23.4-EVO before 23.4R2-S1-EVO.<br /> <br /> <br /> <br /> This issue does not affect Juniper Networks Junos OS.

References to Advisories, Solutions, and Tools