2 matches found
CVE-2019-0035
CVE-2019-0035 describes an administrative bypass on Juniper Networks Junos OS. When the insecure console port setting is enabled, an attacker with physical access can change the root password on systems booted from an OAM volume using the command set system root-authentication plain-text-password...
CVE-2019-0035 Junos OS: 'set system ports console insecure' allows root password recovery on OAM volumes
When "set system ports console insecure" is enabled, root login is disallowed for Junos OS as expected. However, the root password can be changed using "set system root-authentication plain-text-password" on systems booted from an OAM Operations, Administration, and Maintenance volume, leading to...