CVE-2024-39527
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Summary
CVE-2024-39527 is an Exposure of Sensitive Information to an Unauthorized Actor vulnerability impacting the command-line interface (CLI) of Juniper Networks Junos OS on SRX Series devices. A local, low-privileged user with access to the Junos CLI can access protected files on the file system, potentially gaining unauthorized access to sensitive information. This issue allows users with limited permissions to bypass access controls, potentially leading to further system compromises. Affected versions include all versions of Junos OS on SRX Series before 21.4R3-S8, 22.2 before 22.2R3-S5, 22.3 before 22.3R3-S4, 22.4 before 22.4R3-S4, 23.2 before 23.2R2-S2, and 23.4 before 23.4R2. Users are advised to update their systems as soon as possible to mitigate the risk of exploitation.
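To triage an SRX inventory against the release list above, the following added example (not code from Juniper or from this page) classifies Junos version strings by train. It assumes standard `YY.NRn[-Sn][.build]` version strings collected from SRX devices only; the hostnames and inventory are constructed, and trains the advisory does not name are reported as `not-listed` rather than guessed.

```python
import re

# First fixed release per train, copied from the advisory text above:
# train (major, minor) -> (R number, S number)
FIXED = {
    (21, 4): (3, 8),   # 21.4R3-S8
    (22, 2): (3, 5),   # 22.2R3-S5
    (22, 3): (3, 4),   # 22.3R3-S4
    (22, 4): (3, 4),   # 22.4R3-S4
    (23, 2): (2, 2),   # 23.2R2-S2
    (23, 4): (2, 0),   # 23.4R2
}
OLDEST_LISTED = min(FIXED)  # (21, 4): every older train counts as affected

# Assumed format: 22.2R3-S5 or 22.2R3-S5.12 (trailing build number ignored)
_VERSION = re.compile(r"^(\d+)\.(\d+)R(\d+)(?:-S(\d+))?(?:\.\d+)?$")


def classify(version: str) -> str:
    """Return 'affected', 'fixed', 'not-listed' or 'unparsed'."""
    m = _VERSION.match(version.strip())
    if not m:
        return "unparsed"      # other release formats need manual review
    major, minor, rel, svc = (int(g) if g else 0 for g in m.groups())
    train = (major, minor)
    if train < OLDEST_LISTED:
        return "affected"      # "all versions before 21.4R3-S8"
    if train not in FIXED:
        return "not-listed"    # advisory text does not name this train
    return "affected" if (rel, svc) < FIXED[train] else "fixed"


def triage(inventory: dict) -> dict:
    """Map each host to its classification."""
    return {host: classify(ver) for host, ver in inventory.items()}


# Constructed sample inventory (hostnames and versions are illustrative)
INVENTORY = {
    "srx-branch-01": "20.4R3-S10",
    "srx-branch-02": "21.4R3-S7.4",
    "srx-dc-01": "22.2R3-S5",
    "srx-dc-02": "23.4R1-S2",
    "srx-lab-01": "22.1R3",
}

if __name__ == "__main__":
    for host, status in triage(INVENTORY).items():
        print(f"{host:15} {INVENTORY[host]:14} {status}")
```

Hosts reported as `not-listed` or `unparsed` should be checked against the vendor bulletin by hand.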