CVE-2016-4924
Last modified
CVE-2016-4924 is a vulnerability of currently unknown severity. An incorrect permissions vulnerability in Juniper Networks Junos OS on vMX may allow local unprivileged users on a host system read access to vMX or vPFE images and obtain sensitive information contained in them such as private cryptographic keys. This issue was found during internal product security testing. EPSS estimates a 0.31% chance of exploitation in the next 30 days.
Description
An incorrect permissions vulnerability in Juniper Networks Junos OS on vMX may allow local unprivileged users on a host system read access to vMX or vPFE images and obtain sensitive information contained in them such as private cryptographic keys. This issue was found during internal product security testing. Juniper SIRT is not aware of any malicious exploitation of this vulnerability. No other Juniper Networks products or platforms are affected by this issue. Affected releases are Juniper Networks Junos OS 15.1 prior to 15.1F5; 14.1 prior to 14.1R8
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Juniper | Junos | 15.1 | F1 |
| Juniper | Junos | 14.1 | — |
References
- http://www.securityfocus.com/bid/93531Third Party Advisory, VDB Entry
- https://kb.juniper.net/JSA10766Vendor Advisory
- http://www.securityfocus.com/bid/93531Third Party Advisory, VDB Entry
- https://kb.juniper.net/JSA10766Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2016-4924?
How severe is CVE-2016-4924?
How do I fix CVE-2016-4924?
Are you affected by CVE-2016-4924?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST