6.8

CVE-2026-33776

Junos OS and Junos OS Evolved: Specific low privileged CLI command exposes sensitive information

A Missing Authorization vulnerability in the CLI of Juniper Networks Junos OS and Junos OS Evolved allows a local user with low privileges to read sensitive information.

A local user with low privileges can execute the CLI command 'show mgd' with specific arguments which will expose sensitive information.

This issue affects

Junos OS:
  *  all versions before 22.4R3-S8,
  *  23.2 versions before 23.2R2-S6,
  *  23.4 versions before 23.4R2-S6,
  *  24.2 versions before 24.2R2-S4,
  *  24.4 versions before 24.4R2-S1,
  *  25.2 version before 25.2R1-S2, 25.2R2;



Junos OS Evolved:
  *  all versions before 23.2R2-S6-EVO,
  *  23.4 version before 23.4R2-S6-EVO,
  *  24.2 version before 24.2R2-S4-EVO,
  *  24.4 versions before 24.4R2-S1-EVO,
  *  25.2 versions before 25.2R2-EVO.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
JuniperJunos Version < 22.4
JuniperJunos Version22.4 Update-
JuniperJunos Version22.4 Updater1
JuniperJunos Version22.4 Updater1-s1
JuniperJunos Version22.4 Updater1-s2
JuniperJunos Version22.4 Updater2
JuniperJunos Version22.4 Updater2-s1
JuniperJunos Version22.4 Updater2-s2
JuniperJunos Version22.4 Updater3
JuniperJunos Version22.4 Updater3-s1
JuniperJunos Version22.4 Updater3-s2
JuniperJunos Version22.4 Updater3-s3
JuniperJunos Version22.4 Updater3-s4
JuniperJunos Version22.4 Updater3-s5
JuniperJunos Version22.4 Updater3-s6
JuniperJunos Version22.4 Updater3-s7
JuniperJunos Version23.2 Update-
JuniperJunos Version23.2 Updater1
JuniperJunos Version23.2 Updater1-s1
JuniperJunos Version23.2 Updater1-s2
JuniperJunos Version23.2 Updater2
JuniperJunos Version23.2 Updater2-s1
JuniperJunos Version23.2 Updater2-s2
JuniperJunos Version23.2 Updater2-s3
JuniperJunos Version23.2 Updater2-s4
JuniperJunos Version23.2 Updater2-s5
JuniperJunos Version23.4 Update-
JuniperJunos Version23.4 Updater1
JuniperJunos Version23.4 Updater1-s1
JuniperJunos Version23.4 Updater1-s2
JuniperJunos Version23.4 Updater2
JuniperJunos Version23.4 Updater2-s1
JuniperJunos Version23.4 Updater2-s2
JuniperJunos Version23.4 Updater2-s3
JuniperJunos Version23.4 Updater2-s4
JuniperJunos Version23.4 Updater2-s5
JuniperJunos Version24.2 Update-
JuniperJunos Version24.2 Updater1
JuniperJunos Version24.2 Updater1-s1
JuniperJunos Version24.2 Updater1-s2
JuniperJunos Version24.2 Updater2
JuniperJunos Version24.2 Updater2-s1
JuniperJunos Version24.2 Updater2-s2
JuniperJunos Version24.2 Updater2-s3
JuniperJunos Version24.4 Update-
JuniperJunos Version24.4 Updater1
JuniperJunos Version24.4 Updater1-s2
JuniperJunos Version24.4 Updater1-s3
JuniperJunos Version24.4 Updater2
JuniperJunos Version25.2 Update-
JuniperJunos Version25.2 Updater1
JuniperJunos Version25.2 Updater1-s1
JuniperJunos Version25.2 Updater2
JuniperJunos Os Evolved Version < 23.2
JuniperJunos Os Evolved Version23.2 Update-
JuniperJunos Os Evolved Version23.2 Updater1
JuniperJunos Os Evolved Version23.2 Updater1-s1
JuniperJunos Os Evolved Version23.2 Updater1-s2
JuniperJunos Os Evolved Version23.2 Updater2
JuniperJunos Os Evolved Version23.2 Updater2-s1
JuniperJunos Os Evolved Version23.2 Updater2-s2
JuniperJunos Os Evolved Version23.2 Updater2-s3
JuniperJunos Os Evolved Version23.2 Updater2-s4
JuniperJunos Os Evolved Version23.2 Updater2-s5
JuniperJunos Os Evolved Version23.4 Update-
JuniperJunos Os Evolved Version23.4 Updater1
JuniperJunos Os Evolved Version23.4 Updater1-s1
JuniperJunos Os Evolved Version23.4 Updater1-s2
JuniperJunos Os Evolved Version23.4 Updater2
JuniperJunos Os Evolved Version23.4 Updater2-s1
JuniperJunos Os Evolved Version23.4 Updater2-s2
JuniperJunos Os Evolved Version23.4 Updater2-s3
JuniperJunos Os Evolved Version23.4 Updater2-s4
JuniperJunos Os Evolved Version23.4 Updater2-s5
JuniperJunos Os Evolved Version24.2 Update-
JuniperJunos Os Evolved Version24.2 Updater1
JuniperJunos Os Evolved Version24.2 Updater1-s2
JuniperJunos Os Evolved Version24.2 Updater2
JuniperJunos Os Evolved Version24.2 Updater2-s1
JuniperJunos Os Evolved Version24.2 Updater2-s2
JuniperJunos Os Evolved Version24.2 Updater2-s3
JuniperJunos Os Evolved Version24.4 Update-
JuniperJunos Os Evolved Version24.4 Updater1
JuniperJunos Os Evolved Version24.4 Updater1-s2
JuniperJunos Os Evolved Version24.4 Updater1-s3
JuniperJunos Os Evolved Version24.4 Updater2
JuniperJunos Os Evolved Version25.2 Update-
JuniperJunos Os Evolved Version25.2 Updater1
JuniperJunos Os Evolved Version25.2 Updater1-s1
JuniperJunos Os Evolved Version25.2 Updater1-s2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.02% 0.03
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
sirt@juniper.net 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
sirt@juniper.net 6.8 0 0
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:X/RE:M/U:X
CWE-862 Missing Authorization

The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

https://kb.juniper.net/JSA107866
Vendor Advisory
Mitigation