Juniper Junos 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D25, 12.1X47 before 12.1X47-D15, 12.3 before 12.3R9, 13.1 before 13.1R4-S3, 13.2 before 13.2R6, 13.3 before 13.3R5, 14.1 before 14.1R3, and 14.2 before 14.2R1 does not properly handle double quotes in authorization attributes in the TACACS+ configuration, which allows local users to bypass the security policy and execute commands via unspecified vectors.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Junos | Juniper | 12.1x44 (including) | 12.1x44 (including) |
| Junos | Juniper | 12.1x44-d10 (including) | 12.1x44-d10 (including) |
| Junos | Juniper | 12.1x44-d15 (including) | 12.1x44-d15 (including) |
| Junos | Juniper | 12.1x44-d20 (including) | 12.1x44-d20 (including) |
| Junos | Juniper | 12.1x44-d25 (including) | 12.1x44-d25 (including) |
| Junos | Juniper | 12.1x44-d30 (including) | 12.1x44-d30 (including) |
| Junos | Juniper | 12.1x44-d35 (including) | 12.1x44-d35 (including) |
| Junos | Juniper | 12.1x44-d40 (including) | 12.1x44-d40 (including) |
| Junos | Juniper | 12.1x46 (including) | 12.1x46 (including) |
| Junos | Juniper | 12.1x46-d10 (including) | 12.1x46-d10 (including) |
| Junos | Juniper | 12.1x46-d15 (including) | 12.1x46-d15 (including) |
| Junos | Juniper | 12.1x46-d20 (including) | 12.1x46-d20 (including) |
| Junos | Juniper | 12.1x47 (including) | 12.1x47 (including) |
| Junos | Juniper | 12.1x47-d10 (including) | 12.1x47-d10 (including) |
| Junos | Juniper | 12.3 (including) | 12.3 (including) |
| Junos | Juniper | 12.3-r1 (including) | 12.3-r1 (including) |
| Junos | Juniper | 12.3-r2 (including) | 12.3-r2 (including) |
| Junos | Juniper | 12.3-r3 (including) | 12.3-r3 (including) |
| Junos | Juniper | 12.3-r4 (including) | 12.3-r4 (including) |
| Junos | Juniper | 12.3-r5 (including) | 12.3-r5 (including) |
| Junos | Juniper | 12.3-r6 (including) | 12.3-r6 (including) |
| Junos | Juniper | 12.3-r7 (including) | 12.3-r7 (including) |
| Junos | Juniper | 12.3-r8 (including) | 12.3-r8 (including) |
| Junos | Juniper | 13.1 (including) | 13.1 (including) |
| Junos | Juniper | 13.1-r1 (including) | 13.1-r1 (including) |
| Junos | Juniper | 13.1-r2 (including) | 13.1-r2 (including) |
| Junos | Juniper | 13.1-r3 (including) | 13.1-r3 (including) |
| Junos | Juniper | 13.1-r4 (including) | 13.1-r4 (including) |
| Junos | Juniper | 13.2 (including) | 13.2 (including) |
| Junos | Juniper | 13.2-r1 (including) | 13.2-r1 (including) |
| Junos | Juniper | 13.2-r2 (including) | 13.2-r2 (including) |
| Junos | Juniper | 13.2-r3 (including) | 13.2-r3 (including) |
| Junos | Juniper | 13.2-r4 (including) | 13.2-r4 (including) |
| Junos | Juniper | 13.2-r5 (including) | 13.2-r5 (including) |
| Junos | Juniper | 13.3 (including) | 13.3 (including) |
| Junos | Juniper | 13.3-r1 (including) | 13.3-r1 (including) |
| Junos | Juniper | 13.3-r2 (including) | 13.3-r2 (including) |
| Junos | Juniper | 13.3-r3 (including) | 13.3-r3 (including) |
| Junos | Juniper | 13.3-r4 (including) | 13.3-r4 (including) |
| Junos | Juniper | 14.1 (including) | 14.1 (including) |
| Junos | Juniper | 14.1-r1 (including) | 14.1-r1 (including) |
| Junos | Juniper | 14.1-r2 (including) | 14.1-r2 (including) |
| Junos | Juniper | 14.2 (including) | 14.2 (including) |