CVE-2018-0053

EPSS 0.05%
Veröffentlicht 10.10.2018 18:29:02
Zuletzt bearbeitet 21.11.2024 03:37:28
Quelle sirt@juniper.net
CVE-Watchlists
Login
Unerledigt
Login

An authentication bypass vulnerability in the initial boot sequence of Juniper Networks Junos OS on vSRX Series may allow an attacker to gain full control of the system without authentication when the system is initially booted up. Affected releases are Juniper Networks Junos OS: 15.1X49 versions prior to 15.1X49-D30 on vSRX.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Juniper ≫ Junos Version15.1x49

Juniper ≫ Vsrx Version-

Juniper ≫ Junos Version15.1x49 Updated10

Juniper ≫ Vsrx Version-

Juniper ≫ Junos Version15.1x49 Updated20

Juniper ≫ Vsrx Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.05%	0.154

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.8	0.9	5.9	CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C
sirt@juniper.net	6.8	0.9	5.9	CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

http://www.securitytracker.com/id/1041854

Third Party Advisory

VDB Entry

https://kb.juniper.net/JSA10887

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2018-0053

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2018-0053

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2018-0053

EUVD