CVE-2015-3003 Juniper JUNOS Multiple Local Privilege Escalation Vulnerability (JSA10674)

Juniper JUNOS is the network operating system used in Juniper Networks hardware systems.

Certain combinations of Junos OS CLI commands and arguments have been found to be exploitable in a way that can allow root access to the operating system. This may allow any user with permissions to run these CLI commands the ability to achieve elevated privileges and gain complete control of the device.

Affected versions
Juniper Junos 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D30, 12.1X47 before 12.1X47-D20, 12.3 before 12.3R9, 12.3X48 before 12.3X48-D10, 13.2 before 13.2R6, 13.3 before 13.3R5, 14.1 before 14.1R3, and 14.2 before 14.2R1

On successful exploittaion it allows local users to gain privileges via crafted combinations of CLI commands and arguments.

Update to JUNOS version Junos OS 12.1X44-D45, 12.1X46-D30, 12.1X47-D20, 12.3R9, 12.3X48-D10, 13.2R6, 13.3R5, 14.1R3, 14.2R1 or later.

Refer to JSA10674 for further details.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

JSA10674