CVE-2016-4924

An incorrect permissions vulnerability in Juniper Networks Junos OS on vMX may allow local unprivileged users on a host system read access to vMX or vPFE images and obtain sensitive information contained in them such as private cryptographic keys. This issue was found during internal product security testing. Juniper SIRT is not aware of any malicious exploitation of this vulnerability. No other Juniper Networks products or platforms are affected by this issue. Affected releases are Juniper Networks Junos OS 15.1 prior to 15.1F5; 14.1 prior to 14.1R8

CVSS v3 5.5 MEDIUM
CVSS v2.0 1.7 LOW

5.5^/10

CVSS v3 : MEDIUM

Vector : AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

1.7^/10

CVSS v2.0 : LOW

Vector : AV:L/AC:L/Au:S/C:P/I:N/A:N

Exploitability : 3.1 / Impact : 2.9

Access Vector LOCAL

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://www.securityfocus.com/bid/93531	Third Party Advisory VDB Entry
https://kb.juniper.net/JSA10766	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:juniper:junos:15.1:f1::::::
	cpe:2.3:o:juniper:junos:15.1:f2::::::
	cpe:2.3:o:juniper:junos:15.1:f2-s1::::::
	cpe:2.3:o:juniper:junos:15.1:f2-s2::::::
	cpe:2.3:o:juniper:junos:15.1:f2-s3::::::
	cpe:2.3:o:juniper:junos:15.1:f2-s4::::::
	cpe:2.3:o:juniper:junos:15.1:f3::::::
	cpe:2.3:o:juniper:junos:15.1:f4::::::

Configuration 2 (hide)

OR	cpe:2.3:o:juniper:junos:14.1:::::::*
	cpe:2.3:o:juniper:junos:14.1:r1::::::
	cpe:2.3:o:juniper:junos:14.1:r2::::::
	cpe:2.3:o:juniper:junos:14.1:r3::::::
	cpe:2.3:o:juniper:junos:14.1:r4::::::
	cpe:2.3:o:juniper:junos:14.1:r5::::::
	cpe:2.3:o:juniper:junos:14.1:r6::::::
	cpe:2.3:o:juniper:junos:14.1:r7::::::

History

No history.

Information

Published : 2017-10-13 17:29

Updated : 2024-02-04 19:29

NVD link : CVE-2016-4924

Mitre link : CVE-2016-4924

CVE.ORG link : CVE-2016-4924

JSON object : View

Products Affected

juniper

junos

CWE

CWE-275

Permission Issues

{"id": "CVE-2016-4924", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 1.7, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:S/C:P/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.1, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.8}, {"type": "Secondary", "source": "sirt@juniper.net", "cvssData": {"scope": "CHANGED", "version": "3.0", "baseScore": 8.4, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.8, "exploitabilityScore": 2.0}]}, "published": "2017-10-13T17:29:00.393", "references": [{"url": "http://www.securityfocus.com/bid/93531", "tags": ["Third Party Advisory", "VDB Entry"], "source": "sirt@juniper.net"}, {"url": "https://kb.juniper.net/JSA10766", "tags": ["Vendor Advisory"], "source": "sirt@juniper.net"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-275"}]}], "descriptions": [{"lang": "en", "value": "An incorrect permissions vulnerability in Juniper Networks Junos OS on vMX may allow local unprivileged users on a host system read access to vMX or vPFE images and obtain sensitive information contained in them such as private cryptographic keys. This issue was found during internal product security testing. Juniper SIRT is not aware of any malicious exploitation of this vulnerability. No other Juniper Networks products or platforms are affected by this issue. Affected releases are Juniper Networks Junos OS 15.1 prior to 15.1F5; 14.1 prior to 14.1R8"}, {"lang": "es", "value": "Una vulnerabilidad de permisos incorrectos en Juniper Networks Junos OS en vMX podr\u00eda permitir que usuarios locales sin privilegios en un sistema host tengan acceso de lectura a im\u00e1genes vMX o vPFE y obtengan informaci\u00f3n sensible contenida en ellas como claves criptogr\u00e1ficas privadas. Se encontr\u00f3 el problema durante un an\u00e1lisis de seguridad interno del producto. Juniper SIRT no conoce ninguna explotaci\u00f3n maliciosa de esta vulnerabilidad. No hay ning\u00fan otro producto o plataforma de Juniper Networks que se vea afectado por este problema. Las distribuciones afectadas son: Juniper Networks Junos OS 15.1 anteriores a 15.1F5 y 14.1 anteriores a 14.1R8."}], "lastModified": "2019-10-09T23:18:37.657", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:15.1:f1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C56F5C48-BA48-4EE1-88BE-782B3CFB3B90"}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:f2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1C56E6C3-BBB6-4853-91D9-99C7676D0CD4"}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:f2-s1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AC196685-3B0C-4754-AE6A-6BE456CC6B52"}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:f2-s2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F0146AA9-C513-4871-A62A-52C9F40EB958"}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:f2-s3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A18672EF-E33D-4ACE-BB0A-561812F502C7"}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:f2-s4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CEF0E75F-831E-40B8-926D-B2E92A84E31B"}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:f3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0E0ECBD8-3D66-49DA-A557-5695159F0C06"}, {"criteria": "cpe:2.3:o:juniper:junos:15.1:f4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0EAA2998-A0D6-4818-9E7C-25E8099403E7"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:14.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6237291A-B861-4D53-B7AA-C53A44B76896"}, {"criteria": "cpe:2.3:o:juniper:junos:14.1:r1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9C778627-820A-48F5-9680-0205D6DB5EB6"}, {"criteria": "cpe:2.3:o:juniper:junos:14.1:r2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FA7F03DC-73A2-4760-B386-2A57E9C97E65"}, {"criteria": "cpe:2.3:o:juniper:junos:14.1:r3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0CA10003-D52B-4110-9D7A-F50895E6BA17"}, {"criteria": "cpe:2.3:o:juniper:junos:14.1:r4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1B2D843A-8ADE-4888-8960-B48394DEA1D2"}, {"criteria": "cpe:2.3:o:juniper:junos:14.1:r5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3BE66516-A06D-4C0F-8346-DFC8865C8FE8"}, {"criteria": "cpe:2.3:o:juniper:junos:14.1:r6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EEBDFC9E-7753-42A8-A5C8-4D40D219F93A"}, {"criteria": "cpe:2.3:o:juniper:junos:14.1:r7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "25E5D543-D779-482D-AA8A-6E77C1949FBD"}], "operator": "OR"}]}], "sourceIdentifier": "sirt@juniper.net"}