Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2018-0035
HistoryJul 11, 2018 - 6:29 p.m.

CVE-2018-0035

2018-07-1118:29:00
[email protected]
web.nvd.nist.gov
27
cve-2018-0035
junos os
onie
qfx5200
qfx10002
unauthorized access
security vulnerability
dhcp
nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

60.3%

JSON

QFX5200 and QFX10002 devices that have been shipped with Junos OS 15.1X53-D21, 15.1X53-D30, 15.1X53-D31, 15.1X53-D32, 15.1X53-D33 and 15.1X53-D60 or have been upgraded to these releases using the .bin or .iso images may contain an unintended additional Open Network Install Environment (ONIE) partition. This additional partition allows the superuser to reboot to the ONIE partition which will wipe out the content of the Junos partition and its configuration. Once rebooted, the ONIE partition will not have root password configured, thus any user can access the console or SSH, using an IP address acquired from DHCP, as root without password. Once the device has been shipped or upgraded with the ONIE partition installed, the issue will persist. Simply upgrading to higher release via the CLI will not resolve the issue. No other Juniper Networks products or platforms are affected by this issue.

Affected configurations

NVD
Node
juniperjunosMatch15.1x53d21
OR
juniperjunosMatch15.1x53d30
OR
juniperjunosMatch15.1x53d31
OR
juniperjunosMatch15.1x53d32
OR
juniperjunosMatch15.1x53d33
OR
juniperjunosMatch15.1x53d60
AND
juniperqfx10002Match-
OR
juniperqfx5200Match-
CPENameOperatorVersion
juniper:junosjuniper junoseq15.1x53

CNA Affected

[
  {
    "platforms": [
      "QFX5200 and QFX10002"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "15.1X53-D60",
        "status": "affected",
        "version": "15.1X53",
        "versionType": "custom"
      }
    ]
  }
]

Related

prion 1
nvd 1
cvelist 1
openvas 1
prion
prion
Design/Logic Flaw
2018-07-11 18:29:00
nvd
nvd
CVE-2018-0035
2018-07-11 18:29:00
cvelist
cvelist
CVE-2018-0035 Junos OS: QFX5200 and QFX10002: Unintended ONIE partition was shipped with certain Junos OS .bin and .iso images
2018-07-11 00:00:00
openvas
openvas
Unpassworded (Blank Password) 'root' Account (SSH)
2019-05-24 00:00:00

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

60.3%

JSON
Related for CVE-2018-0035
prion1nvd1cvelist1openvas1