juniper paragon-active-assurance-control-center CVE-2021-0232 in Juniper Networks and Fedora Project Products
Published on April 22, 2021

Paragon Active Assurance: Authentication bypass vulnerability in Control Center

product logo product logo
An authentication bypass vulnerability in the Juniper Networks Paragon Active Assurance Control Center may allow an attacker with specific information about the deployment to mimic an already registered Test Agent and access its configuration including associated inventory details. If the issue occurs, the affected Test Agent will not be able to connect to the Control Center. This issue affects Juniper Networks Paragon Active Assurance Control Center All versions prior to 2.35.6; 2.36 versions prior to 2.36.2.

Vendor Advisory NVD

Vulnerability Analysis

CVE-2021-0232 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity, and a high impact on availability.

Attack Vector:
NETWORK
Attack Complexity:
HIGH
Privileges Required:
NONE
User Interaction:
NONE
Scope:
UNCHANGED
Confidentiality Impact:
HIGH
Integrity Impact:
NONE
Availability Impact:
HIGH

Weakness Type

What is an Authorization Vulnerability?

The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

CVE-2021-0232 has been classified to as an Authorization vulnerability or weakness.


Products Associated with CVE-2021-0232

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2021-0232 are published in these products:

Juniper Networks Paragon Active Assurance Control Center
 
Fedora Project Fedora
 

Affected Versions

Juniper Networks Paragon Active Assurance:

Exploit Probability

EPSS
0.45%
Percentile
63.26%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.