Juniper Junos CVE-2019-0058 Local Privilege Escalation Vulnerability

Description

Juniper Junos is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges. Juniper Junos 12.3X48 versions prior to 12.3X48-D80 are vulnerable

Technologies Affected

• Juniper Junos 12.3X48
• Juniper Junos 12.3X48-D10
• Juniper Junos 12.3X48-D15
• Juniper Junos 12.3X48-D20
• Juniper Junos 12.3X48-D25
• Juniper Junos 12.3X48-D30
• Juniper Junos 12.3X48-D30.7
• Juniper Junos 12.3X48-D35
• Juniper Junos 12.3X48-D40
• Juniper Junos 12.3X48-D45
• Juniper Junos 12.3X48-D50
• Juniper Junos 12.3X48-D51
• Juniper Junos 12.3X48-D55
• Juniper Junos 12.3X48-D60
• Juniper Junos 12.3X48-D61
• Juniper Junos 12.3X48-D65
• Juniper Junos 12.3X48-D66
• Juniper Junos 12.3X48-D70
• Juniper Junos 12.3X48-D75
• Juniper Junos 12.3X48-D76
• Juniper Junos 12.3X48-D77

Recommendations

Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.
Ensure that only trusted users have local, interactive access to affected computers.

To limit the consequences of successful exploits, run the server in a closed or restricted environment.
To limit the impact of a successful exploit, run server software with the least privileges required and in restricted environments while still maintaining functionality.

Updates are available. Please see the references or vendor advisory for more information.