Lucene search
K

4 matches found

NVD
NVD
added 2026/04/09 10:16 p.m.12 views

CVE-2026-33784

A Use of Default Password vulnerability in the Juniper Networks Support Insights JSI Virtual Lightweight Collector vLWC allows an unauthenticated, network-based attacker to take full control of the device. vLWC software images ship with an initial password for a high privileged account. A change ...

9.8CVSS0.00456EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/09 9:36 p.m.2 views

CVE-2026-33784 JSI Virtual Lightweight Collector: Default password is not required to be changed which allows unauthorized high-privileged access

A Use of Default Password vulnerability in the Juniper Networks Support Insights JSI Virtual Lightweight Collector vLWC allows an unauthenticated, network-based attacker to take full control of the device. vLWC software images ship with an initial password for a high privileged account. A change ...

9.8CVSS5.8AI score0.00456EPSS
Exploits0References1
CVE
CVE
added 2026/04/09 9:36 p.m.39 views

CVE-2026-33784

The CVE describes a Use of Default Password in Juniper Networks’ Virtual Lightweight Collector (vLWC) . All vLWC versions before 3.0.94 ship with an initial password for a high-privileged account, and provisioning does not enforce a password change, enabling an unauthenticated, network-based atta...

9.8CVSS5.9AI score0.00456EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/09 9:26 p.m.2 views

CVE-2026-21915

A Permissive List of Allowed Input vulnerability in the CLI of Juniper Networks Support Insights JSI Virtual Lightweight Collector vLWC allows a local, high privileged attacker to escalate their privileges to root. The CLI menu accepts input without carefully validating it, which allows for shell...

8.4CVSS5.9AI score0.0224EPSS
Exploits0References2
Rows per page
Query Builder