CVE-2018-0053

An authentication bypass vulnerability in the initial boot sequence of Juniper Networks Junos OS on vSRX Series may allow an attacker to gain full control of the system without authentication when the system is initially booted up. Affected releases are Juniper Networks Junos OS: 15.1X49 versions prior to 15.1X49-D30 on vSRX.

CVSS v3 6.8 MEDIUM
CVSS v2.0 7.2 HIGH

6.8^/10

CVSS v3 : MEDIUM

Vector : AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability : 0.9 / Impact : 5.9

Attack Vector PHYSICAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

7.2^/10

CVSS v2.0 : HIGH

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://www.securitytracker.com/id/1041854	Third Party Advisory VDB Entry
https://kb.juniper.net/JSA10887	Vendor Advisory
http://www.securitytracker.com/id/1041854	Third Party Advisory VDB Entry
https://kb.juniper.net/JSA10887	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:o:juniper:junos:15.1x49:::::::*
	cpe:2.3:o:juniper:junos:15.1x49:d10::::::
	cpe:2.3:o:juniper:junos:15.1x49:d20::::::

cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*

History

21 Nov 2024, 03:37

Type	Values Removed	Values Added
References	~~() http://www.securitytracker.com/id/1041854 - Third Party Advisory, VDB Entry~~	() http://www.securitytracker.com/id/1041854 - Third Party Advisory, VDB Entry
References	~~() https://kb.juniper.net/JSA10887 - Vendor Advisory~~	() https://kb.juniper.net/JSA10887 - Vendor Advisory

Information

Published : 2018-10-10 18:29

Updated : 2024-11-21 03:37

NVD link : CVE-2018-0053

Mitre link : CVE-2018-0053

CVE.ORG link : CVE-2018-0053

JSON object : View

Products Affected

juniper

junos
vsrx

CWE

CWE-287

Improper Authentication

{"id": "CVE-2018-0053", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Secondary", "source": "sirt@juniper.net", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 6.8, "attackVector": "PHYSICAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 0.9}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 6.8, "attackVector": "PHYSICAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 0.9}]}, "published": "2018-10-10T18:29:02.530", "references": [{"url": "http://www.securitytracker.com/id/1041854", "tags": ["Third Party Advisory", "VDB Entry"], "source": "sirt@juniper.net"}, {"url": "https://kb.juniper.net/JSA10887", "tags": ["Vendor Advisory"], "source": "sirt@juniper.net"}, {"url": "http://www.securitytracker.com/id/1041854", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://kb.juniper.net/JSA10887", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-287"}]}], "descriptions": [{"lang": "en", "value": "An authentication bypass vulnerability in the initial boot sequence of Juniper Networks Junos OS on vSRX Series may allow an attacker to gain full control of the system without authentication when the system is initially booted up. Affected releases are Juniper Networks Junos OS: 15.1X49 versions prior to 15.1X49-D30 on vSRX."}, {"lang": "es", "value": "Una vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n en la secuencia de arranque inicial en Juniper Networks Junos OS en vSRX Series podr\u00eda permitir que un atacante obtenga el control total del sistema sin autenticaci\u00f3n cuando el sistema se arranca inicialmente. Las versiones afectadas de Juniper Networks Junos OS son: Versiones 15.1X49 anteriores a la 15.1X49-D30 en vSRX."}], "lastModified": "2024-11-21T03:37:28.160", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:15.1x49:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "20DABA6A-FA7A-4289-8C6A-2B93689A5440"}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D90D8985-34EF-44CC-A9A7-CB0FD22676F2"}, {"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "18468579-0195-4DDE-BAA5-4BE4068F3A69"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8B10DFCE-5331-4D79-8D9F-EF84743493D3"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "sirt@juniper.net"}