CVE-2013-6012

Name of the Vulnerable Software and Affected Versions Juniper Junos versions 12.1X44 before 12.1X44-D20 Juniper Junos versions 12.1X45 before 12.1X45-D15

Description The issue arises when the no-validate option is enabled, and the system fails to properly handle configuration validation errors during the config commit phase of the boot-up sequence. This allows remote attackers to bypass authentication via unspecified vectors.

Recommendations For Juniper Junos versions 12.1X44 before 12.1X44-D20, update to version 12.1X44-D20 or later. For Juniper Junos versions 12.1X45 before 12.1X45-D15, update to version 12.1X45-D15 or later.