CVE-2020-1618
CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
On Juniper Networks EX and QFX Series, an authentication bypass vulnerability may allow a user connected to the console port to login as root without any password. This issue might only occur in certain scenarios: • At the first reboot after performing device factory reset using the command “request system zeroize”; or • A temporary moment during the first reboot after the software upgrade when the device configured in Virtual Chassis mode. This issue affects Juniper Networks Junos OS on EX and QFX Series: 14.1X53 versions prior to 14.1X53-D53; 15.1 versions prior to 15.1R7-S4; 15.1X53 versions prior to 15.1X53-D593; 16.1 versions prior to 16.1R7-S4; 17.1 versions prior to 17.1R2-S11, 17.1R3-S1; 17.2 versions prior to 17.2R3-S3; 17.3 versions prior to 17.3R2-S5, 17.3R3-S6; 17.4 versions prior to 17.4R2-S9, 17.4R3; 18.1 versions prior to 18.1R3-S8; 18.2 versions prior to 18.2R2; 18.3 versions prior to 18.3R1-S7, 18.3R2. This issue does not affect Juniper Networks Junos OS 12.3.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Juniper Networks | Junos OS | 12.3 | unaffected |
| Juniper Networks | Junos OS | 14.1X53 < 14.1X53-D53 | affected |
| Juniper Networks | Junos OS | 15.1 < 15.1R7-S4 | affected |
| Juniper Networks | Junos OS | 15.1X53 < 15.1X53-D593 | affected |
| Juniper Networks | Junos OS | 16.1 < 16.1R7-S4 | affected |
| Juniper Networks | Junos OS | 17.1 < 17.1R2-S11, 17.1R3-S1 | affected |
| Juniper Networks | Junos OS | 17.2 < 17.2R3-S3 | affected |
| Juniper Networks | Junos OS | 17.3 < 17.3R2-S5, 17.3R3-S6 | affected |
| Juniper Networks | Junos OS | 17.4 < 17.4R2-S9, 17.4R3 | affected |
| Juniper Networks | Junos OS | 18.1 < 18.1R3-S8 | affected |
| Juniper Networks | Junos OS | 18.2 < 18.2R2 | affected |
| Juniper Networks | Junos OS | 18.3 < 18.3R1-S7, 18.3R2 | affected |
Weaknesses
- CWE-288: CWE-288 Authentication Bypass Using an Alternate Path or Channel
Workarounds
Limit physical access to the console port only to trusted administrators.
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.