CVE-2024-21615

CVSS 3.1 Score 5.0 of 10 (medium)

Details

Published Apr 12, 2024
Updated: Apr 15, 2024
CWE ID 276

Summary

CVE-2024-21615 is an Incorrect Default Permissions vulnerability that affects Juniper Networks Junos OS and Junos OS Evolved. It allows a local, low-privileged attacker to access confidential information on the system. Specifically, when NETCONF traceoptions are configured and a super-user performs certain actions via NETCONF, a low-privileged user can gain access to sensitive information, compromising the system's confidentiality. This vulnerability affects various versions of Junos OS and Junos OS Evolved before specific updates. The potential danger it poses to an organization is high, as it could lead to unauthorized access to sensitive data. Remediation involves updating the affected Junos OS and Junos OS Evolved platforms to the recommended patched versions.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-21615 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options