CVE-2021-0255

MEDIUM

Juniper Junos OS - Local Privilege Escalation via ethtraceroute Setuid Binary

Title source: llm

Description

A local privilege escalation vulnerability in ethtraceroute of Juniper Networks Junos OS may allow a locally authenticated user with shell access to escalate privileges and write to the local filesystem as root. ethtraceroute is shipped with setuid permissions enabled and is owned by the root user, allowing local users to run ethtraceroute with root privileges. This issue affects Juniper Networks Junos OS: 15.1X49 versions prior to 15.1X49-D240; 17.3 versions prior to 17.3R3-S11; 17.4 versions prior to 17.4R3-S4; 18.1 versions prior to 18.1R3-S12; 18.2 versions prior to 18.2R3-S7; 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R2-S7; 19.1 versions prior to 19.1R1-S6, 19.1R2-S2, 19.1R3-S4; 19.3 versions prior to 19.3R3-S2; 19.4 versions prior to 19.4R3-S1; 20.1 versions prior to 20.1R2, 20.1R3; 20.2 versions prior to 20.2R2-S1, 20.2R3; 20.3 versions prior to 20.3R1-S1.

References (1)

Vendor Advisory x_refsource_misc
https://kb.juniper.net/JSA11175

Scores

CVSS v3 5.5
EPSS 0.0021
EPSS Percentile 10.4%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Details

CWE
CWE-269 CWE-250
Status published
Products (3)
juniper/junos 17.3 (23 CPE variants)
juniper/junos 17.4 (26 CPE variants)
juniper/junos 18.1
Published Apr 22, 2021
Tracked Since Feb 18, 2026