CVE-2017-2343

Name of the Vulnerable Software and Affected Versions Junos OS versions 12.3X48-D30 through 12.3X48-D35 Junos OS versions 15.1X49-D40 through 15.1X49-D50

Description The Integrated User Firewall (UserFW) feature in Junos OS has a security issue due to hardcoded credentials. This can be exploited by an attacker to compromise SRX Series devices and potentially LDAP and Active Directory integrated points, allowing access to user credentials, workstations, and servers. The attacker may gain full administrative control over one or more Active Directories, depending on the credentials supplied by the administrator.

Recommendations For Junos OS versions 12.3X48-D30 through 12.3X48-D35, update to version 12.3X48-D35 or later. For Junos OS versions 15.1X49-D40 through 15.1X49-D50, update to version 15.1X49-D50 or later. As a temporary workaround, consider disabling the UserFW service until a patch is available. Restrict access to the Active Directory authentication module to minimize the risk of exploitation. Avoid using the active-directory-access service in the affected API endpoint until the issue is resolved.