CVE-2018-0008

🗓️ 10 Jan 2018 22:00:00Reported by juniperType

An unauthenticated root login vulnerability in Juniper Networks Junos OS prior to specific versions allows for root CLI login without a password, due to unexpected behavior upon reboot

Reporter	Title	Published	Views	Family All 7
Circl	CVE-2018-0008	23 May 201808:17	–	circl
CISA	Juniper Networks Releases Security Updates	11 Jan 201800:00	–	cisa
Cvelist	CVE-2018-0008 Junos OS: commit script may allow unauthenticated root login upon reboot	10 Jan 201822:00	–	cvelist
EUVD	EUVD-2018-0833	7 Oct 202500:30	–	euvd
Tenable Nessus	Juniper Junos Commit Script Handling Local Console Port Access Weakness Vulnerability (JSA10835)	26 Jan 201800:00	–	nessus
NVD	CVE-2018-0008	10 Jan 201822:29	–	nvd
Prion	Authentication flaw	10 Jan 201822:29	–	prion

NVD

Vulners

Node

juniper junosMatch12.1x46

juniper junosMatch12.1x46d10

juniper junosMatch12.1x46d15

juniper junosMatch12.1x46d20

juniper junosMatch12.1x46d25

juniper junosMatch12.1x46d30

juniper junosMatch12.1x46d35

juniper junosMatch12.1x46d40

juniper junosMatch12.1x46d45

juniper junosMatch12.1x46d50

juniper junosMatch12.1x46d55

juniper junosMatch12.1x46d60

juniper junosMatch12.1x46d65

AND

juniper srx100Match-

juniper srx110Match-

juniper srx1400Match-

juniper srx1500Match-

juniper srx210Match-

juniper srx220Match-

juniper srx240Match-

juniper srx300Match-

juniper srx320Match-

juniper srx340Match-

juniper srx3400Match-

juniper srx345Match-

juniper srx3600Match-

juniper srx4100Match-

juniper srx4200Match-

juniper srx5400Match-

juniper srx550Match-

juniper srx5600Match-

juniper srx5800Match-

juniper srx650Match-

Node

juniper junosMatch12.3x48

juniper junosMatch12.3x48d10

juniper junosMatch12.3x48d15

juniper junosMatch12.3x48d20

juniper junosMatch12.3x48d25

juniper junosMatch12.3x48d30

juniper junosMatch12.3x48d35

juniper junosMatch12.3x48d40

juniper junosMatch12.3x48d45

juniper junosMatch12.3x48d50

AND

juniper srx100Match-

juniper srx110Match-

juniper srx1400Match-

juniper srx1500Match-

juniper srx210Match-

juniper srx220Match-

juniper srx240Match-

juniper srx300Match-

juniper srx320Match-

juniper srx340Match-

juniper srx3400Match-

juniper srx345Match-

juniper srx3600Match-

juniper srx4100Match-

juniper srx4200Match-

juniper srx5400Match-

juniper srx550Match-

juniper srx5600Match-

juniper srx5800Match-

juniper srx650Match-

Node

juniper junosMatch15.1x49

juniper junosMatch15.1x49d10

juniper junosMatch15.1x49d100

juniper junosMatch15.1x49d20

juniper junosMatch15.1x49d30

juniper junosMatch15.1x49d35

juniper junosMatch15.1x49d40

juniper junosMatch15.1x49d45

juniper junosMatch15.1x49d50

juniper junosMatch15.1x49d55

juniper junosMatch15.1x49d60

juniper junosMatch15.1x49d65

juniper junosMatch15.1x49d70

juniper junosMatch15.1x49d75

juniper junosMatch15.1x49d80

juniper junosMatch15.1x49d90

AND

juniper srx100Match-

juniper srx110Match-

juniper srx1400Match-

juniper srx1500Match-

juniper srx210Match-

juniper srx220Match-

juniper srx240Match-

juniper srx300Match-

juniper srx320Match-

juniper srx340Match-

juniper srx3400Match-

juniper srx345Match-

juniper srx3600Match-

juniper srx4100Match-

juniper srx4200Match-

juniper srx5400Match-

juniper srx550Match-

juniper srx5600Match-

juniper srx5800Match-

juniper srx650Match-

Node

juniper junosMatch14.1

juniper junosMatch14.1r1

juniper junosMatch14.1r2

juniper junosMatch14.1r3

juniper junosMatch14.1r4

juniper junosMatch14.1r5

juniper junosMatch14.1r6

juniper junosMatch14.1r7

Node

juniper junosMatch14.1x53

juniper junosMatch14.1x53d10

juniper junosMatch14.1x53d15

juniper junosMatch14.1x53d16

juniper junosMatch14.1x53d25

juniper junosMatch14.1x53d26

juniper junosMatch14.1x53d27

juniper junosMatch14.1x53d30

juniper junosMatch14.1x53d35

AND

juniper ex2200Match-

juniper ex2300Match-

juniper ex3300Match-

juniper ex3400Match-

juniper ex4200Match-

juniper ex4300Match-

juniper ex4500Match-

juniper ex4550Match-

juniper ex4600Match-

juniper ex6200Match-

juniper ex8200Match-

juniper ex9200Match-

juniper qfx10000Match-

juniper qfx3500Match-

juniper qfx3600Match-

juniper qfx5100Match-

juniper qfx5110Match-

juniper qfx5200Match-

Node

juniper junosMatch14.2

juniper junosMatch14.2r1

juniper junosMatch14.2r2

juniper junosMatch14.2r3

juniper junosMatch14.2r4

juniper junosMatch14.2r5

juniper junosMatch14.2r6

juniper junosMatch14.2r7

juniper junosMatch14.2r8

Node

juniper junosMatch15.1

juniper junosMatch15.1a1

juniper junosMatch15.1f1

juniper junosMatch15.1f2

juniper junosMatch15.1f2-s1

juniper junosMatch15.1f2-s2

juniper junosMatch15.1f2-s3

juniper junosMatch15.1f2-s4

juniper junosMatch15.1f3

juniper junosMatch15.1f4

juniper junosMatch15.1f5

juniper junosMatch15.1f6-s8

juniper junosMatch15.1r5-s6

juniper junosMatch15.1r6

Node

juniper junosMatch15.1x53

juniper junosMatch15.1x53d20

juniper junosMatch15.1x53d21

juniper junosMatch15.1x53d210

juniper junosMatch15.1x53d230

juniper junosMatch15.1x53d25

juniper junosMatch15.1x53d30

juniper junosMatch15.1x53d32

juniper junosMatch15.1x53d33

juniper junosMatch15.1x53d34

juniper junosMatch15.1x53d60

juniper junosMatch15.1x53d61

juniper junosMatch15.1x53d62

juniper junosMatch15.1x53d63

juniper junosMatch15.1x53d70

AND

juniper qfx5110Match-

juniper qfx5200Match-

Node

juniper junosMatch15.1x53

juniper junosMatch15.1x53d20

juniper junosMatch15.1x53d21

juniper junosMatch15.1x53d25

juniper junosMatch15.1x53d30

juniper junosMatch15.1x53d32

juniper junosMatch15.1x53d33

juniper junosMatch15.1x53d34

juniper junosMatch15.1x53d470

AND

juniper nfxMatch-

Node

juniper junosMatch15.1x53

juniper junosMatch15.1x53d20

juniper junosMatch15.1x53d21

juniper junosMatch15.1x53d25

juniper junosMatch15.1x53d30

juniper junosMatch15.1x53d32

juniper junosMatch15.1x53d33

juniper junosMatch15.1x53d34

juniper junosMatch15.1x53d50

juniper junosMatch15.1x53d51

juniper junosMatch15.1x53d52

juniper junosMatch15.1x53d55

juniper junosMatch15.1x53d57

juniper junosMatch15.1x53d60

juniper junosMatch15.1x53d61

juniper junosMatch15.1x53d62

juniper junosMatch15.1x53d63

juniper junosMatch15.1x53d64

AND

juniper qfx10000Match-

Node

juniper junosMatch16.1r1

[
  {
    "platforms": [
      "SRX"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "12.1X46-D71",
        "status": "affected",
        "version": "12.1X46",
        "versionType": "custom"
      },
      {
        "lessThan": "12.3X48-D55",
        "status": "affected",
        "version": "12.3X48",
        "versionType": "custom"
      },
      {
        "lessThan": "15.1X49-D110",
        "status": "affected",
        "version": "15.1X49",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "14.1R9",
        "status": "affected",
        "version": "14.1",
        "versionType": "custom"
      },
      {
        "lessThan": "14.2R7-S9, 14.2R8",
        "status": "affected",
        "version": "14.2",
        "versionType": "custom"
      },
      {
        "lessThan": "15.1F5-S7, 15.1F6-S8, 15.1R5-S6, 15.1R6",
        "status": "affected",
        "version": "15.1",
        "versionType": "custom"
      },
      {
        "lessThan": "16.1R2",
        "status": "affected",
        "version": "16.1",
        "versionType": "custom"
      }
    ]
  },
  {
    "platforms": [
      "QFX, EX"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "14.1X53-D40",
        "status": "affected",
        "version": "14.1X53",
        "versionType": "custom"
      }
    ]
  },
  {
    "platforms": [
      "QFX5200/5110"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "15.1X53-D232",
        "status": "affected",
        "version": "15.1X53",
        "versionType": "custom"
      }
    ]
  },
  {
    "platforms": [
      "NFX"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "15.1X53-D49, 15.1X53-D470",
        "status": "affected",
        "version": "15.1X53",
        "versionType": "custom"
      }
    ]
  },
  {
    "platforms": [
      "QFX10K"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "15.1X53-D65",
        "status": "affected",
        "version": "15.1X53",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
securitytracker	www.securitytracker.com/id/1040186
kb	www.kb.juniper.net/JSA10835
lists	www.lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E

21 Nov 2024 03:37Current

6.9Medium risk

Vulners AI Score6.9

CVSS 36.2

CVSS 27.2

EPSS0.00151

CWE-287