Juniper Networks Support Insights Virtual Lightweight Collector Privilege Escalation Vulnerability
Vulnerability
A vulnerability allowing privilege escalation to root has been identified in the command-line interface (CLI) of Juniper Networks Support Insights (JSI) Virtual Lightweight Collector (vLWC) versions prior to 3.0.94. This vulnerability arises from a permissive input validation flaw, which enables local, high-privileged attackers to inject shell commands. These commands are executed with root privileges, potentially allowing complete control over the system.
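The flaw class described above, permissive validation in front of a privileged command, is illustrated below as an added example; it is not Juniper's code and does not reproduce the vLWC CLI. The `ping <host>` sub-command, the function names, both patterns and the sample inputs are hypothetical and constructed to contrast a denylist check feeding a shell string with an allowlist check feeding an argv list.

```python
import re

# Hypothetical privileged CLI sub-command "ping <host>"; not JSI vLWC code.
DENYLIST = re.compile(r"[;&|]")                       # permissive: a few metacharacters
HOSTNAME = re.compile(r"(?!-)[A-Za-z0-9.-]{1,253}")   # strict: allowlist, no leading '-'

def build_permissive(host):
    """Weak pattern: denylist check, result is a string meant for a shell."""
    if DENYLIST.search(host):
        raise ValueError("rejected by denylist")
    return "ping -c 1 " + host

def build_strict(host):
    """Hardened pattern: allowlist check, result is an argv list (no shell)."""
    if not HOSTNAME.fullmatch(host):
        raise ValueError("rejected by allowlist")
    # "--" ends option parsing, so the value can only ever be an operand.
    return ["ping", "-c", "1", "--", host]

def accepted(builder, value):
    """True if the builder lets the value through, False if it raises."""
    try:
        builder(value)
        return True
    except ValueError:
        return False

# Constructed inputs for illustration only.
SAMPLES = ["collector01.example.net", "host;id", "$(id)", "`id`", "host\nid", "-f"]

def compare(samples=SAMPLES):
    """Return {input: (permissive_accepts, strict_accepts)}."""
    return {s: (accepted(build_permissive, s), accepted(build_strict, s))
            for s in samples}

if __name__ == "__main__":
    for value, (weak, strict) in compare().items():
        print(f"{value!r:28} permissive={weak!s:5} strict={strict}")
```

Every input the denylist accepts but the allowlist rejects still carries shell syntax or an option prefix, which is why the hardened form both validates against a positive pattern and avoids the shell entirely.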
Impact
Exploitation of this vulnerability allows local, high-privileged attackers to escalate privileges to root, gaining full control of the system.
Remediation
Users can upgrade to JSI vLWC version 3.0.94 or later to address this vulnerability. Additionally, access to the CLI can be restricted through access lists or firewall filters, limiting access to trusted hosts and administrators.
