Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Junos Snapshot Administrator (JSNAPy) world writeable default configuration file permission
Vulnerability Description
JSNAPy is an open source python version of Junos Snapshot Administrator developed by Juniper available through github. The default configuration and sample files of JSNAPy automation tool versions prior to 1.3.0 are created world writable. This insecure file and directory permission allows unprivileged local users to alter the files under this directory including inserting operations not intended by the package maintainer, system administrator, or other users. This issue only affects users who downloaded and installed JSNAPy from github.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Juniper JSNAPy 权限许可和访问控制漏洞
Vulnerability Description
Juniper JSNAPy是美国瞻博网络(Juniper Networks)公司的一套Junos Snapshot Administrator备份软件的基于Python的开源版本,它主要用于保存运行Junos操作系统的联网设备的运行时环境快照。 Juniper JSNAPy 1.3.0之前版本中存在权限许可和访问控制漏洞,该漏洞源于程序将默认配置和示例文件创建为全局可写入。本地攻击者可利用该漏洞修改文件。
CVSS Information
N/A
Vulnerability Type
N/A