Home

CVE-2016-4922

Description

Certain combinations of Junos OS CLI commands and arguments have been found to be exploitable in a way that can allow unauthorized access to the operating system. This may allow any user with permissions to run these CLI commands the ability to achieve elevated privileges and gain complete control of the device. Affected releases are Juniper Networks Junos OS 11.4 prior to 11.4R13-S3; 12.1X46 prior to 12.1X46-D60; 12.1X47 prior to 12.1X47-D45; 12.3 prior to 12.3R12; 12.3X48 prior to 12.3X48-D35; 13.2 prior to 13.2R9; 13.3 prior to 13.3R4-S11, 13.3R9; 14.1 prior to 14.1R4-S12, 14.1R7; 14.1X53 prior to 14.1X53-D28, 14.1X53-D40; 14.1X55 prior to 14.1X55-D35; 14.2 prior to 14.2R3-S10, 14.2R4-S7, 14.2R5; 15.1 prior to 15.1F4, 15.1R3; 15.1X49 prior to 15.1X49-D60; 15.1X53 prior to 15.1X53-D57, 15.1X53-D70.

Risk Information

Base Score
7.8
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.084

Associated Vulnerability

VulnerabilityOS Platform
Vulnerabilities CVE-2016-4922,CVE-2018-0002,CVE-2018-0018 are fixed in junos 12.1x46-d60NCM
Vulnerabilities CVE-2016-4922,CVE-2017-2302 are fixed in junos 12.1x47-d45NCM
Vulnerabilities CVE-2016-1279,CVE-2016-1280,CVE-2016-4922 are fixed in junos 12.3r12NCM
Vulnerabilities CVE-2016-1269,CVE-2016-4922 are fixed in junos 13.2r9NCM
Vulnerabilities CVE-2016-1275,CVE-2016-1277,CVE-2016-4922,CVE-2016-4923 are fixed in junos 13.3r9NCM
Vulnerabilities CVE-2016-1263,CVE-2016-1279,CVE-2016-4922 are fixed in junos 14.1r7NCM
Vulnerabilities CVE-2015-7748,CVE-2016-1258,CVE-2016-1261,CVE-2016-4922 are fixed in junos 14.2r5NCM
Vulnerabilities CVE-2016-4922 are fixed in junos 15.1f4NCM
Improper Neutralization of Special Elements used in a Command (Command Injection) Vulnerability (CVE-2016-4922)NCM

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-1704488Security Update for junos 9.2r1
PATCH-1704488Security Update for junos 9.2r1
PATCH-1704488Security Update for junos 9.2r1
PATCH-1704488Security Update for junos 9.2r1
PATCH-1704488Security Update for junos 9.2r1
PATCH-1704488Security Update for junos 9.2r1
PATCH-1704488Security Update for junos 9.2r1
PATCH-1704488Security Update for junos 9.2r1

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234