Junos OS and Junos OS Evolved: Specific low privileged CLI command exposes sensitive information
Summary
| CVE | CVE-2026-33776 |
|---|---|
| State | PUBLISHED |
| Assigner | juniper |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2026-04-09 22:16:26 UTC |
| Updated | 2026-04-16 18:46:10 UTC |
| Description | A Missing Authorization vulnerability in the CLI of Juniper Networks Junos OS and Junos OS Evolved allows a local user with low privileges to read sensitive information. A local user with low privileges can execute the CLI command 'show mgd' with specific arguments which will expose sensitive information. This issue affects Junos OS: * all versions before 22.4R3-S8, * 23.2 versions before 23.2R2-S6, * 23.4 versions before 23.4R2-S6, * 24.2 versions before 24.2R2-S4, * 24.4 versions before 24.4R2-S1, * 25.2 version before 25.2R1-S2, 25.2R2; Junos OS Evolved: * all versions before 23.2R2-S6-EVO, * 23.4 version before 23.4R2-S6-EVO, * 24.2 version before 24.2R2-S4-EVO, * 24.4 versions before 24.4R2-S1-EVO, * 25.2 versions before 25.2R2-EVO. |
Risk And Classification
Primary CVSS: v4.0 6.8 MEDIUM from [email protected]
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:X/RE:M/U:X
EPSS: 0.000130000 probability, percentile 0.019670000 (date 2026-04-15)
Problem Types: CWE-862 Missing Authorization
| Version | Source | Type | Score | Severity | Vector |
|---|---|---|---|---|---|
| 4.0 | [email protected] | Secondary | 6.8 | MEDIUM | CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/C... |
| 4.0 | CNA | CVSS | 6.8 | MEDIUM | CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/AU:Y/... |
| 3.1 | [email protected] | Primary | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
| 3.1 | CNA | CVSS | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Juniper | Junos | All | All | All | All |
| Operating System | Juniper | Junos | 22.4 | - | All | All |
| Operating System | Juniper | Junos | 22.4 | r1 | All | All |
| Operating System | Juniper | Junos | 22.4 | r1-s1 | All | All |
| Operating System | Juniper | Junos | 22.4 | r1-s2 | All | All |
| Operating System | Juniper | Junos | 22.4 | r2 | All | All |
| Operating System | Juniper | Junos | 22.4 | r2-s1 | All | All |
| Operating System | Juniper | Junos | 22.4 | r2-s2 | All | All |
| Operating System | Juniper | Junos | 22.4 | r3 | All | All |
| Operating System | Juniper | Junos | 22.4 | r3-s1 | All | All |
| Operating System | Juniper | Junos | 22.4 | r3-s2 | All | All |
| Operating System | Juniper | Junos | 22.4 | r3-s3 | All | All |
| Operating System | Juniper | Junos | 22.4 | r3-s4 | All | All |
| Operating System | Juniper | Junos | 22.4 | r3-s5 | All | All |
| Operating System | Juniper | Junos | 22.4 | r3-s6 | All | All |
| Operating System | Juniper | Junos | 22.4 | r3-s7 | All | All |
| Operating System | Juniper | Junos | 23.2 | - | All | All |
| Operating System | Juniper | Junos | 23.2 | r1 | All | All |
| Operating System | Juniper | Junos | 23.2 | r1-s1 | All | All |
| Operating System | Juniper | Junos | 23.2 | r1-s2 | All | All |
| Operating System | Juniper | Junos | 23.2 | r2 | All | All |
| Operating System | Juniper | Junos | 23.2 | r2-s1 | All | All |
| Operating System | Juniper | Junos | 23.2 | r2-s2 | All | All |
| Operating System | Juniper | Junos | 23.2 | r2-s3 | All | All |
| Operating System | Juniper | Junos | 23.2 | r2-s4 | All | All |
| Operating System | Juniper | Junos | 23.2 | r2-s5 | All | All |
| Operating System | Juniper | Junos | 23.4 | - | All | All |
| Operating System | Juniper | Junos | 23.4 | r1 | All | All |
| Operating System | Juniper | Junos | 23.4 | r1-s1 | All | All |
| Operating System | Juniper | Junos | 23.4 | r1-s2 | All | All |
| Operating System | Juniper | Junos | 23.4 | r2 | All | All |
| Operating System | Juniper | Junos | 23.4 | r2-s1 | All | All |
| Operating System | Juniper | Junos | 23.4 | r2-s2 | All | All |
| Operating System | Juniper | Junos | 23.4 | r2-s3 | All | All |
| Operating System | Juniper | Junos | 23.4 | r2-s4 | All | All |
| Operating System | Juniper | Junos | 23.4 | r2-s5 | All | All |
| Operating System | Juniper | Junos | 24.2 | - | All | All |
| Operating System | Juniper | Junos | 24.2 | r1 | All | All |
| Operating System | Juniper | Junos | 24.2 | r1-s1 | All | All |
| Operating System | Juniper | Junos | 24.2 | r1-s2 | All | All |
| Operating System | Juniper | Junos | 24.2 | r2 | All | All |
| Operating System | Juniper | Junos | 24.2 | r2-s1 | All | All |
| Operating System | Juniper | Junos | 24.2 | r2-s2 | All | All |
| Operating System | Juniper | Junos | 24.2 | r2-s3 | All | All |
| Operating System | Juniper | Junos | 24.4 | - | All | All |
| Operating System | Juniper | Junos | 24.4 | r1 | All | All |
| Operating System | Juniper | Junos | 24.4 | r1-s2 | All | All |
| Operating System | Juniper | Junos | 24.4 | r1-s3 | All | All |
| Operating System | Juniper | Junos | 24.4 | r2 | All | All |
| Operating System | Juniper | Junos | 25.2 | - | All | All |
| Operating System | Juniper | Junos | 25.2 | r1 | All | All |
| Operating System | Juniper | Junos | 25.2 | r1-s1 | All | All |
| Operating System | Juniper | Junos | 25.2 | r2 | All | All |
| Operating System | Juniper | Junos Os Evolved | All | All | All | All |
| Operating System | Juniper | Junos Os Evolved | 23.2 | - | All | All |
| Operating System | Juniper | Junos Os Evolved | 23.2 | r1 | All | All |
| Operating System | Juniper | Junos Os Evolved | 23.2 | r1-s1 | All | All |
| Operating System | Juniper | Junos Os Evolved | 23.2 | r1-s2 | All | All |
| Operating System | Juniper | Junos Os Evolved | 23.2 | r2 | All | All |
| Operating System | Juniper | Junos Os Evolved | 23.2 | r2-s1 | All | All |
| Operating System | Juniper | Junos Os Evolved | 23.2 | r2-s2 | All | All |
| Operating System | Juniper | Junos Os Evolved | 23.2 | r2-s3 | All | All |
| Operating System | Juniper | Junos Os Evolved | 23.2 | r2-s4 | All | All |
| Operating System | Juniper | Junos Os Evolved | 23.2 | r2-s5 | All | All |
| Operating System | Juniper | Junos Os Evolved | 23.4 | - | All | All |
| Operating System | Juniper | Junos Os Evolved | 23.4 | r1 | All | All |
| Operating System | Juniper | Junos Os Evolved | 23.4 | r1-s1 | All | All |
| Operating System | Juniper | Junos Os Evolved | 23.4 | r1-s2 | All | All |
| Operating System | Juniper | Junos Os Evolved | 23.4 | r2 | All | All |
| Operating System | Juniper | Junos Os Evolved | 23.4 | r2-s1 | All | All |
| Operating System | Juniper | Junos Os Evolved | 23.4 | r2-s2 | All | All |
| Operating System | Juniper | Junos Os Evolved | 23.4 | r2-s3 | All | All |
| Operating System | Juniper | Junos Os Evolved | 23.4 | r2-s4 | All | All |
| Operating System | Juniper | Junos Os Evolved | 23.4 | r2-s5 | All | All |
| Operating System | Juniper | Junos Os Evolved | 24.2 | - | All | All |
| Operating System | Juniper | Junos Os Evolved | 24.2 | r1 | All | All |
| Operating System | Juniper | Junos Os Evolved | 24.2 | r1-s2 | All | All |
| Operating System | Juniper | Junos Os Evolved | 24.2 | r2 | All | All |
| Operating System | Juniper | Junos Os Evolved | 24.2 | r2-s1 | All | All |
| Operating System | Juniper | Junos Os Evolved | 24.2 | r2-s2 | All | All |
| Operating System | Juniper | Junos Os Evolved | 24.2 | r2-s3 | All | All |
| Operating System | Juniper | Junos Os Evolved | 24.4 | - | All | All |
| Operating System | Juniper | Junos Os Evolved | 24.4 | r1 | All | All |
| Operating System | Juniper | Junos Os Evolved | 24.4 | r1-s2 | All | All |
| Operating System | Juniper | Junos Os Evolved | 24.4 | r1-s3 | All | All |
| Operating System | Juniper | Junos Os Evolved | 24.4 | r2 | All | All |
| Operating System | Juniper | Junos Os Evolved | 25.2 | - | All | All |
| Operating System | Juniper | Junos Os Evolved | 25.2 | r1 | All | All |
| Operating System | Juniper | Junos Os Evolved | 25.2 | r1-s1 | All | All |
| Operating System | Juniper | Junos Os Evolved | 25.2 | r1-s2 | All | All |
Vendor Declared Affected Products
| Source | Vendor | Product | Status | Version range | Version type | Platforms |
|---|---|---|---|---|---|---|
| CNA | Juniper Networks | Junos OS | affected | all versions before 22.4R3-S8 | semver | Not specified |
| CNA | Juniper Networks | Junos OS | affected | 23.2 versions before 23.2R2-S6 | semver | Not specified |
| CNA | Juniper Networks | Junos OS | affected | 23.4 versions before 23.4R2-S6 | semver | Not specified |
| CNA | Juniper Networks | Junos OS | affected | 24.2 versions before 24.2R2-S4 | semver | Not specified |
| CNA | Juniper Networks | Junos OS | affected | 24.4 versions before 24.4R2-S1 | semver | Not specified |
| CNA | Juniper Networks | Junos OS | affected | 25.2 versions before 25.2R1-S2, 25.2R2 | semver | Not specified |
| CNA | Juniper Networks | Junos OS Evolved | affected | all versions before 23.2R2-S6-EVO | semver | Not specified |
| CNA | Juniper Networks | Junos OS Evolved | affected | 23.4 versions before 23.4R2-S6-EVO | semver | Not specified |
| CNA | Juniper Networks | Junos OS Evolved | affected | 24.2 versions before 24.2R2-S4-EVO | semver | Not specified |
| CNA | Juniper Networks | Junos OS Evolved | affected | 24.4 versions before 24.4R2-S1-EVO | semver | Not specified |
| CNA | Juniper Networks | Junos OS Evolved | affected | 25.2 versions before 25.2R2-EVO | semver | Not specified |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| kb.juniper.net/JSA107866 | [email protected] | kb.juniper.net | Mitigation, Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
Additional Advisory Data
Solutions
CNA: The following software releases have been updated to resolve this specific issue: Junos OS Evolved: 23.2R2-S6-EVO, 23.4R2-S6-EVO, 24.2R2-S4-EVO, 24.4R2-S1-EVO, 25.2R2-EVO, 25.4R1-EVO, and all subsequent releases; Junos OS: 22.4R3-S8, 23.2R2-S6, 23.4R2-S6, 24.2R2-S4, 24.4R2-S1, 25.2R1-S2, 25.2R2, 25.4R1, and all subsequent releases.
Workarounds
CNA: Use access lists or firewall filters to limit access to the CLI only from trusted hosts and administrators. Utilize CLI authorization to disallow execution of the 'show mgd' commands.
Exploits
CNA: Juniper SIRT is not aware of any malicious exploitation of this vulnerability.