How severe is CVE-2021-0260?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.3 out of 10.

What type of vulnerability is CVE-2021-0260?

This is classified as CWE-285, which is a common weakness in software security.

CVE-2021-0260 - HIGH Severity | CVSS 7.3

Vulnerability Description

An improper authorization vulnerability in the Simple Network Management Protocol daemon (snmpd) service of Juniper Networks Junos OS leads an unauthenticated attacker being able to perform SNMP read actions, an Exposure of System Data to an Unauthorized Control Sphere, or write actions to OIDs that support write operations, against the device without authentication. This issue affects: Juniper Networks Junos OS: 17.2 version 17.2R1 and later versions; 17.3 versions prior to 17.3R3-S9; 17.4 versions prior to 17.4R2-S12, 17.4R3-S5; 18.1 versions prior to 18.1R3-S13; 18.2 versions prior to 18.2R3-S8; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R1-S8, 18.4R2-S5, 18.4R3; 19.1 versions prior to 19.1R2; 19.2 versions prior to 19.2R1-S6, 19.2R2; 19.3 versions prior to 19.3R2. This issue does not affect Juniper Networks Junos OS versions prior to 17.2R1.

Related Vulnerabilities

CVE-2016-4531

HIGH

CVSS:7.3(High)

Rockwell Automation FactoryTalk EnergyMetrix before 2.20.00 does not invalidate credentials upon a logout action, which makes it easier for remote attackers to obtain access by leveraging an unattende...

CWE-2852016

CVE-2019-1604

HIGH

CVSS:7.3(High)

A vulnerability in the user account management interface of Cisco NX-OS Software could allow an authenticated, local attacker to gain elevated privileges on an affected device. The vulnerability is du...

CWE-2852019

CVE-2022-34405

HIGH

CVSS:7.3(High)

An improper access control vulnerability was identified in the Realtek audio driver. A local authenticated malicious user may potentially exploit this vulnerability by waiting for an administrator to ...

CWE-2852022

CVE-2023-0734

HIGH

CVSS:7.3(High)

Improper Authorization in GitHub repository wallabag/wallabag prior to 2.5.4.

CWE-2852023

CVE-2023-27594

HIGH

CVSS:7.3(High)

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.11.15, 1.12.8, and 1.13.1, under specific conditions, Cilium may misattribute the source ...

CWE-2852023

CVE-2024-24900

HIGH

CVSS:7.3(High)

Dell Secure Connect Gateway (SCG) Policy Manager, all versions, contain an improper authorization vulnerability. An adjacent network low privileged attacker could potentially exploit this vulnerabilit...

CWE-2852024