Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Junos OS Evolved: The 'sysmanctl' shell command allows a local user to gain access to some administrative actions
Vulnerability Description
An Improper Authorization vulnerability in the 'sysmanctl' shell command of Juniper Networks Junos OS Evolved allows a local, authenticated attacker to execute administrative commands that could impact the integrity of the system or system availability. Administrative functions such as daemon restarting, routing engine (RE) switchover, and node shutdown can all be performed through exploitation of the 'sysmanctl' command. Access to the 'sysmanctl' command is only available from the Junos shell. Neither direct nor indirect access to 'sysmanctl' is available from the Junos CLI. This issue affects Juniper Networks Junos OS Evolved: All versions prior to 20.4R3-S5-EVO; 21.2 versions prior to 21.2R3-EVO; 21.3 versions prior to 21.3R2-EVO; 21.4 versions prior to 21.4R1-S2-EVO, 21.4R2-EVO.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Vulnerability Type
授权机制不恰当
Vulnerability Title
Juniper Networks Junos OS Evolved 授权问题漏洞
Vulnerability Description
Juniper Networks Junos OS Evolved是美国瞻博网络(Juniper Networks)公司的Junos OS 的升级版系统。 Juniper Networks Junos OS Evolved存在授权问题漏洞,该漏洞源于的“ sysmanctl ”shell 命令中存在不当授权,攻击者利用该漏洞可以执行可能影响系统完整性或系统可用性的管理命令,以下产品和版本受到影响:Juniper Networks Junos OS Evolved 20.4R3-S5-EVO之前的所有版本、
CVSS Information
N/A
Vulnerability Type
N/A