3 matches found
Juniper Junos SRX Integrated User Firewall Hardcoded Credentials (JSA10791)
According to its self-reported version and configuration, the remote Juniper Junos device has hardcoded credentials for the Integrated User Firewall UserFW services authentication API. An unauthenticated, remote attacker can exploit this to gain administrative access to the device. TRUSTED...
CVE-2017-2343 SRX Series: Hardcoded credentials in Integrated UserFW feature.
The Integrated User Firewall UserFW feature was introduced in Junos OS version 12.1X47-D10 on the Juniper SRX Series devices to provide simple integration of user profiles on top of the existing firewall polices. As part of an internal security review of the UserFW services authentication API,...
CVE-2017-2343
CVE-2017-2343 affects Juniper Junos SRX Series with the Integrated User Firewall (UserFW) authentication API. The root cause is hardcoded credentials in UserFW, enabling an unauthenticated, remote attacker to potentially gain administrative access to the SRX device and compromise connected servic...