Overview
- Description
- An authentication bypass vulnerability in the initial boot sequence of Juniper Networks Junos OS on vSRX Series may allow an attacker to gain full control of the system without authentication when the system is initially booted up. Affected releases are Juniper Networks Junos OS: 15.1X49 versions prior to 15.1X49-D30 on vSRX.
- Source
- sirt@juniper.net
- NVD status
- Modified
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 6.8
- Impact score
- 5.9
- Exploitability score
- 0.9
- Vector string
- CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 7.2
- Impact score
- 10
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-287
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "20DABA6A-FA7A-4289-8C6A-2B93689A5440"
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D90D8985-34EF-44CC-A9A7-CB0FD22676F2"
},
{
"criteria": "cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "18468579-0195-4DDE-BAA5-4BE4068F3A69"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:juniper:vsrx:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "8B10DFCE-5331-4D79-8D9F-EF84743493D3"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]