This issue affects Junos OS 12.3, 12.3X48, 14.1X53, 15.1, 15.1X49, 16.1, 16.2, 17.1, 17.2, 17.2X75, 17.3, 17.4, 18.1, 18.2, 18.3, 18.4, 19.1, 19.2.
A privilege escalation vulnerability in Juniper Networks Junos OS devices configured with dual Routing Engines (RE), Virtual Chassis (VC) or high-availability cluster may allow a local authenticated low-privileged user with access to the shell to perform unauthorized configuration modification.
This issue does not affect Junos OS device with single RE or stand-alone configuration.
This issue affects Juniper Networks Junos OS
12.3 versions prior to 12.3R12-S14;
12.3X48 versions prior to 12.3X48-D86, 12.3X48-D90;
14.1X53 versions prior to 14.1X53-D51;
15.1 versions prior to 15.1R7-S6;
15.1X49 versions prior to 15.1X49-D181, 15.1X49-D190;
15.1X53 versions prior to 15.1X53-D592;
16.1 versions prior to 16.1R4-S13, 16.1R7-S6;
16.2 versions prior to 16.2R2-S10;
17.1 versions prior to 17.1R2-S11, 17.1R3-S1;
17.2 versions prior to 17.2R1-S9, 17.2R3-S3;
17.3 versions prior to 17.3R3-S6;
17.4 versions prior to 17.4R2-S6, 17.4R3;
18.1 versions prior to 18.1R3-S7;
18.2 versions prior to 18.2R2-S5, 18.2R3-S1;
18.2 versions prior to 18.2X75-D12, 18.2X75-D33, 18.2X75-D420, 18.2X75-D60, 18.2X75-D411;
18.3 versions prior to 18.3R1-S5, 18.3R2-S1, 18.3R3;
18.4 versions prior to 18.4R1-S4, 18.4R2-S1, 18.4R3;
19.1 versions prior to 19.1R1-S2, 19.1R2;
19.2 versions prior to 19.2R1-S1, 19.2R2.
Juniper SIRT is not aware of any malicious exploitation of this vulnerability.
This issue was found during internal product security testing or research.
This issue has been assigned CVE-2020-1630.
The following software releases have been updated to resolve this specific issue: 12.3R12-S14, 12.3X48-D86, 12.3X48-D90, 14.1X53-D51, 15.1R7-S6, 15.1X49-D181, 15.1X49-D190, 15.1X53-D592, 16.1R4-S13, 16.1R7-S6, 16.2R2-S10, 17.1R2-S11, 17.1R3-S1, 17.2R1-S9, 17.2R3-S3, 17.2X75-D110, 17.2X75-D44, 17.3R3-S6, 17.4R2-S6, 17.4R3, 18.1R3-S7, 18.2R2-S5, 18.2R3-S1, 18.2X75-D12, 18.2X75-D33, 18.2X75-D411, 18.2X75-D420, 18.2X75-D60, 18.3R1-S5, 18.3R1-S6, 18.3R2-S1, 18.3R2-S3, 18.3R3, 18.4R1-S4, 18.4R1-S5, 18.4R2-S1, 18.4R3, 19.1R1-S2, 19.1R2, 19.2R1-S1, 19.2R2, 19.3R1, and all subsequent releases.
This issue is being tracked as 1441795.
Disallow unprivileged authenticated users access to Junos shell.
Limit shell access to only trusted administrators.
2020-04-08: Initial publication
2020-04-08: Small correction in the description regarding 15.1X53.
Information for how Juniper Networks uses CVSS can be found at KB 16446 "Common Vulnerability Scoring System (CVSS) and Juniper's Security Advisories."