CVE-2018-0023 : Security Advisory and Response

JSNAPy prior to 1.3.0 has a vulnerability due to world-writable default configuration and sample files, allowing unauthorized local users to modify files. Learn about the impact, technical details, and mitigation steps.

JSNAPy, an open-source Python adaptation of Junos Snapshot Administrator by Juniper Networks, prior to version 1.3.0, has a vulnerability due to world-writable default configuration and sample files.

Understanding CVE-2018-0023

In affected versions of JSNAPy, unauthorized local users can modify its default configuration and sample files, potentially leading to unintended operations.

What is CVE-2018-0023?

JSNAPy versions before 1.3.0 have default configuration and sample files with world-writable permissions, enabling unauthorized local users to modify files, posing a security risk.

The Impact of CVE-2018-0023

        Confidentiality Impact: None
        Integrity Impact: High
        Availability Impact: None
        Base Score: 5.5 (Medium Severity)

Technical Details of CVE-2018-0023

JSNAPy's vulnerability lies in insecure file permissions, affecting all versions prior to 1.3.0.

Vulnerability Description

The default configuration and sample files in JSNAPy are set to world-writable permissions, allowing unauthorized local users to modify files within the directory.

Affected Systems and Versions

        Product: Junos Snapshot Administrator (JSNAPy)
        Vendor: Juniper Networks
        Affected Versions: All versions before 1.3.0

Exploitation Mechanism

Unauthorized local users can exploit the world-writable default configuration and sample files to modify files within the JSNAPy directory.

Mitigation and Prevention

It is crucial to take immediate steps to address and prevent the vulnerability.

Immediate Steps to Take

        Make the related files and directories group/world-readable but not writable, for example:
        sudo chmod -R og-w /etc/jsnapy

Long-Term Security Practices

        Regularly review and adjust file permissions to restrict unauthorized modifications

Patching and Updates

        Upgrade to JSNAPy version 1.3.0 or later to resolve the vulnerability
        After upgrading, modify file permissions as described under Immediate Steps to Take
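
To confirm that the permission change from Immediate Steps to Take has taken effect, including after an upgrade, the following added example (not part of the original advisory or of JSNAPy) lists anything under the configuration tree that group or others can still write to. The function names are illustrative; /etc/jsnapy is the path from the advisory's chmod command.

```shell
#!/bin/sh
# Added example: check a JSNAPy configuration tree for write access
# granted to group or others, then confirm the fix.
# /etc/jsnapy is the path used in the advisory's chmod command; the
# function names below are illustrative, not part of JSNAPy.

# Print every file or directory under $1 that group (020) or others (002)
# may write to. Symlinks are skipped: their own mode bits are not used
# for access checks.
list_writable() {
    find "$1" ! -type l \( -perm -020 -o -perm -002 \) -print
}

# Number of findings under $1.
count_writable() {
    list_writable "$1" | wc -l | tr -d ' '
}

# Exit status 0 when the tree is clean, 1 (with a listing) when it is not.
audit() {
    found=$(list_writable "$1")
    [ -z "$found" ] && return 0
    printf 'group/world-writable:\n%s\n' "$found"
    return 1
}

# The advisory's fix: drop group/other write bits, keep read bits.
harden() {
    chmod -R og-w "$1"
}

# Stand-alone use: sh check.sh /etc/jsnapy (run harden with sudo if needed).
if [ "$#" -gt 0 ]; then
    audit "$1"
    exit $?
fi
```

A non-zero exit status from audit makes it usable as a recurring check in a cron job or configuration-management run.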
