CVE Vulnerability

CVE-2018-0053

An authentication bypass vulnerability in the initial boot sequence of Juniper Networks Junos OS on vSRX Series may allow an attacker to gain full control of the system without authentication when the system is initially booted up. Affected releases are Juniper Networks Junos OS: 15.1X49 versions prior to 15.1X49-D30 on vSRX.

7.2 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 10

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

Scope

6.8 /10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.9 / Impact : 5.9

Attack Vector PHYSICAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://kb.juniper.net/JSA10887 Vendor Advisory
http://www.securitytracker.com/id/1041854 Third Party Advisory VDB Entry
Configurations

Configuration 1
Information

Published : 2018-10-10 06:29

Updated : 2019-10-09 11:31

NVD link : CVE-2018-0053

Mitre link : CVE-2018-0053

Products Affected

Juniper

Vsrx

CWE
CWE-287