An Incorrect Permission Assignment for Critical Resource vulnerability in Juniper Networks Junos OS Evolved allows a local, authenticated low-privileged malicious user to copy potentially malicious files into an existing Docker container on the local system. A follow-on administrator could then inadvertently start the Docker container leading to the malicious files being executed as root. This issue only affects systems with Docker configured and enabled, which is not enabled by default. Systems without Docker started are not vulnerable to this issue. This issue affects Juniper Networks Junos OS Evolved: 20.4 versions before 20.4R3-S5-EVO; 21.2 versions before 21.2R3-EVO; 21.3 versions before 21.3R3-EVO; 21.4 versions before 21.4R2-EVO. This issue does not affect Juniper Networks Junos OS Evolved versions before 19.2R1-EVO.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
juniper junos os evolved 20.4 |
||
juniper junos os evolved 21.2 |
||
juniper junos os evolved 21.3 |
||
juniper junos os evolved 21.4 |
Vulmon