CVE-2018-0053 — MEDIUM (6.8)

Vulnerability Description

An authentication bypass vulnerability in the initial boot sequence of Juniper Networks Junos OS on vSRX Series may allow an attacker to gain full control of the system without authentication when the system is initially booted up. Affected releases are Juniper Networks Junos OS: 15.1X49 versions prior to 15.1X49-D30 on vSRX.

CVSS Score

6.8

MEDIUM

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Juniper	Junos	15.1x49
Juniper	Vsrx	-

Related Weaknesses (CWE)

CWE-287

References

http://www.securitytracker.com/id/1041854Third Party AdvisoryVDB Entry
https://kb.juniper.net/JSA10887Vendor Advisory
http://www.securitytracker.com/id/1041854Third Party AdvisoryVDB Entry
https://kb.juniper.net/JSA10887Vendor Advisory

FAQ

What is CVE-2018-0053?

CVE-2018-0053 is a vulnerability with a CVSS score of 6.8 (MEDIUM). An authentication bypass vulnerability in the initial boot sequence of Juniper Networks Junos OS on vSRX Series may allow an attacker to gain full control of the system without authentication when the...

How severe is CVE-2018-0053?

CVE-2018-0053 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2018-0053?

Check the references section above for vendor advisories and patch information. Affected products include: Juniper Junos, Juniper Vsrx.