Junos OS Evolved: Missing Authorization vulnerability in the CLI of Juniper Networks Junos OS and Junos OS Evolved allows a local use…
Summary
A Missing Authorization vulnerability in the CLI of Juniper Networks Junos OS and Junos OS Evolved allows a local user with low privileges to read sensitive information. A local user with low privileges can execute the CLI command 'show mgd' with specific arguments which will expose sensitive information. This issue affects Junos OS: * all versions before 22.4R3-S8, * 23.2 versions before 23.2R2-S6, * 23.4 versions before 23.4R2-S6, * 24.2 versions before 24.2R2-S4, * 24.4 versions before 24.4R2-S1, * 25.2 version before 25.2R1-S2, 25.2R2; Junos OS Evolved: * all versions before 23.2R2-S6-EVO, * 23.4 version before 23.4R2-S6-EVO, * 24.2 version before 24.2R2-S4-EVO, * 24.4 versions before 24.4R2-S1-EVO, * 25.2 versions before 25.2R2-EVO.
- * all versions before 22
Official advisory · high-confidence parse· fetched 22 hours ago·verify at source
- 22.4R3-S8
- 23.2R2-S6
- 23.4R2-S6
- 24.2R2-S4
- 24.4R2-S1
- 25.2R1-S2
- 23.2R2-S6-EVO
- 23.4R2-S6-EVO
- 24.2R2-S4-EVO
- 24.4R2-S1-EVO
- 25.2R2-EVO
Official advisory · high-confidence parse· fetched 22 hours ago·verify at source
Mitigation
Mitigation steps weren't captured by the parser for this advisory — this is a parsing gap, not a statement that no fix exists. Read the vendor advisory below for the authoritative guidance.
Official advisory · high-confidence parse· fetched 22 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.