Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2018-0053

An authentication bypass vulnerability in the initial boot sequence of Juniper Networks Junos OS on vSRX Series may allow an attacker to gain full control of the system without authentication when the system is initially booted up. Affected releases are Juniper Networks Junos OS: 15.1X49 versions prior to 15.1X49-D30 on vSRX.

Published

2018-10-10T18:29:02.530

Last Modified

2024-11-21T03:37:28.160

Status

Modified

Source

[email protected]

Severity

CVSSv3.0: 6.8 (MEDIUM)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

3.9

Impact Score

10.0

Weaknesses

Type: Primary
CWE-287

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	juniper	junos	15.1x49	Yes
Operating System	juniper	junos	15.1x49	Yes
Operating System	juniper	junos	15.1x49	Yes
Hardware	juniper	vsrx	-	No

References

http://www.securitytracker.com/id/1041854 Third Party Advisory, VDB Entry ([email protected])
https://kb.juniper.net/JSA10887 Vendor Advisory ([email protected])
http://www.securitytracker.com/id/1041854 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
https://kb.juniper.net/JSA10887 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)