Juniper Junos CLI XML Privilege Escalation (JSA10805)
High Nessus Plugin ID 102080
SynopsisThe remote device is affected by a privilege escalation vulnerability.
DescriptionAccording to its self-reported version number, the remote Juniper Junos device is affected by a privilege escalation vulnerability in the CLI component due to improper validation of user-supplied input before being processed as XML content. A local attacker can exploit this, via XML injection, to gain elevated privileges and execute arbitrary code as the root user.
SolutionUpgrade to the relevant Junos software release referenced in Juniper security advisory JSA10805.