CVE-2020-1618 Junos OS: EX and QFX Series: Console port authentication bypass vulnerability

🗓️ 08 Apr 2020 19:25:54Reported by juniperType

Juniper Networks authentication bypass vulnerability on Junos OS for EX and QFX Serie

Reporter	Title	Published	Views	Family All 8
BDU FSTEC	The vulnerability of JunOS’s EX Series and QFX Series routers allows attackers to elevate their privileges to the root level.	1 Oct 202000:00	–	bdu_fstec
CNVD	Juniper Networks Junos OS License Issue Vulnerability (CNVD-2020-22961)	9 Apr 202000:00	–	cnvd
CVE	CVE-2020-1618	8 Apr 202019:25	–	cve
EUVD	EUVD-2020-12486	7 Oct 202500:30	–	euvd
Tenable Nessus	Juniper Junos Authentication Bypass (JSA11001)	3 Feb 202100:00	–	nessus
NVD	CVE-2020-1618	8 Apr 202020:15	–	nvd
OSV	CVE-2020-1618	8 Apr 202020:15	–	osv
Prion	Authentication flaw	8 Apr 202020:15	–	prion

[
  {
    "platforms": [
      "EX and QFX Series"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "status": "unaffected",
        "version": "12.3"
      },
      {
        "lessThan": "14.1X53-D53",
        "status": "affected",
        "version": "14.1X53",
        "versionType": "custom"
      },
      {
        "lessThan": "15.1R7-S4",
        "status": "affected",
        "version": "15.1",
        "versionType": "custom"
      },
      {
        "lessThan": "15.1X53-D593",
        "status": "affected",
        "version": "15.1X53",
        "versionType": "custom"
      },
      {
        "lessThan": "16.1R7-S4",
        "status": "affected",
        "version": "16.1",
        "versionType": "custom"
      },
      {
        "lessThan": "17.1R2-S11, 17.1R3-S1",
        "status": "affected",
        "version": "17.1",
        "versionType": "custom"
      },
      {
        "lessThan": "17.2R3-S3",
        "status": "affected",
        "version": "17.2",
        "versionType": "custom"
      },
      {
        "lessThan": "17.3R2-S5, 17.3R3-S6",
        "status": "affected",
        "version": "17.3",
        "versionType": "custom"
      },
      {
        "lessThan": "17.4R2-S9, 17.4R3",
        "status": "affected",
        "version": "17.4",
        "versionType": "custom"
      },
      {
        "lessThan": "18.1R3-S8",
        "status": "affected",
        "version": "18.1",
        "versionType": "custom"
      },
      {
        "lessThan": "18.2R2",
        "status": "affected",
        "version": "18.2",
        "versionType": "custom"
      },
      {
        "lessThan": "18.3R1-S7, 18.3R2",
        "status": "affected",
        "version": "18.3",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
kb	www.kb.juniper.net/JSA11001

08 Apr 2020 19:25Current

6.9Medium risk

Vulners AI Score6.9

CVSS 3.16.3

EPSS0.00348

CWE-288