Juniper Networks Junos OS
cpe:2.3:a:juniper:junos:*:*:*:*:*:*:*
- < 21.2R3-S9
- >= 21.4, < 21.4R3-S11
- >= 22.2, < 22.2R3-S7
- >= 22.4, < 22.4R3-S7
- >= 23.2, < 23.2R2-S4
- >= 23.4, < 23.4R2
- >= 24.2, < 24.2R2-S1
- >= 24.4, < 24.4R1-S3
- 24.4R2
Juniper Networks Junos OS has an improper access control vulnerability in the user interface. A local, low-privileged attacker can disable an interface, causing a denial-of-service condition: a user with only 'view' permissions can execute a specific 'request interface' command to shut down the interface. This issue impacts all versions of Junos OS prior to 21.2R3-S9, as well as several versions within the 21.x, 22.x, 23.x, and 24.x series.
Exploitation of this vulnerability leads to a denial-of-service condition by allowing low-privileged users to disable network interfaces.
Users can update to Junos OS versions 21.2R3-S9, 21.4R3-S11, 22.2R3-S7, 22.4R3-S7, 23.2R2-S4, 23.4R2-S5, 24.2R2-S1, 24.4R1-S3, 24.4R2, 25.2R1, or any subsequent release. As a workaround, CLI authorization can be used to prevent the execution of the 'request interface' command, and access lists or firewall filters can be applied to restrict CLI access to trusted hosts and administrators.
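The fixed releases listed above can be turned into a checker for a device inventory. This is an added example, not code from Juniper or from this page; the function names and the sample inventory are assumptions, and it takes the first fixed release per train from the paragraph above (so 23.4R2-S5 for the 23.4 train).

```python
import re

# First fixed release per train, from the remediation paragraph above.
# 24.4R2 is also listed there; it sorts after 24.4R1-S3, so one entry covers it.
FIXED = ["21.2R3-S9", "21.4R3-S11", "22.2R3-S7", "22.4R3-S7", "23.2R2-S4",
         "23.4R2-S5", "24.2R2-S1", "24.4R1-S3", "25.2R1"]

# Matches e.g. 22.4R3, 22.4R3-S7, 22.4R3-S7.5 (trailing build number ignored).
_VERSION = re.compile(r"^(\d+)\.(\d+)R(\d+)(?:-S(\d+))?(?:\.\d+)?$")


def parse(version):
    """Return (major, minor, R, S) so tuples compare in release order."""
    m = _VERSION.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised Junos OS version: {version!r}")
    return tuple(int(g or 0) for g in m.groups())


FIRST_FIXED = {parse(v)[:2]: parse(v) for v in FIXED}


def status(version):
    """Classify a version as 'affected', 'fixed' or 'unlisted'."""
    v = parse(version)
    train = v[:2]
    if train in FIRST_FIXED:
        return "fixed" if v >= FIRST_FIXED[train] else "affected"
    if train < min(FIRST_FIXED):
        return "affected"  # page: all versions prior to 21.2R3-S9
    if train > max(FIRST_FIXED):
        return "fixed"     # page: "or any subsequent release"
    return "unlisted"      # train between listed ones; the page names no fix


if __name__ == "__main__":
    # Constructed inventory (hostnames and versions are made up for the demo).
    inventory = {"edge-1": "21.2R3-S8", "edge-2": "22.4R3-S7.4",
                 "core-1": "23.1R1", "core-2": "24.4R2", "lab-1": "20.4R3-S10"}
    for host, ver in inventory.items():
        print(f"{host:8} {ver:14} {status(ver)}")
```

Devices reported as 'unlisted' run a train the page gives no fixed release for, so they need a manual check against the vendor advisory.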