3 matches found
Juniper Junos NFX350 Series Readable Password Hashes Vulnerability (JSA11066)
The version of Junos OS installed on the remote host is NFX350 Series prior to 19.4R3 or 20.1R1-S4. It is, therefore, affected by a vulnerability. This vulnerability allows a local attacker with access to brute-force decrypt password hashes stored on the system as referenced in the JSA11066...
CVE-2020-1669 Junos OS: NFX350: Password hashes stored in world-readable format
The Juniper Device Manager JDM container, used by the disaggregated Junos OS architecture on Juniper Networks NFX350 Series devices, stores password hashes in the world-readable file /etc/passwd. This is not a security best current practice as it can allow an attacker with access to the local...
CVE-2020-1669
CVE-2020-1669 affects Juniper Networks Junos OS on NFX350 devices via the JDM container that stores password hashes in the world-readable /etc/passwd. Root cause: password hashes are readable by local attackers. Impact: local access could enable brute-force decryption of hashes, with confidential...