PT-2020-4091 · Juniper Networks · Junos
Published: 2020-04-08 · Updated: 2021-11-22
CVE-2020-1618
CVSS v2.0: 6.9 (Medium)
Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions:
Juniper Networks Junos OS on EX and QFX Series versions 14.1X53 through 14.1X53-D52
Juniper Networks Junos OS on EX and QFX Series versions 15.1 through 15.1R7-S3
Juniper Networks Junos OS on EX and QFX Series versions 15.1X53 through 15.1X53-D592
Juniper Networks Junos OS on EX and QFX Series versions 16.1 through 16.1R7-S3
Juniper Networks Junos OS on EX and QFX Series versions 17.1 through 17.1R2-S10
Juniper Networks Junos OS on EX and QFX Series versions 17.1R3 through 17.1R3-S0
Juniper Networks Junos OS on EX and QFX Series versions 17.2 through 17.2R3-S2
Juniper Networks Junos OS on EX and QFX Series versions 17.3 through 17.3R2-S4
Juniper Networks Junos OS on EX and QFX Series versions 17.3R3 through 17.3R3-S5
Juniper Networks Junos OS on EX and QFX Series versions 17.4 through 17.4R2-S8
Juniper Networks Junos OS on EX and QFX Series versions 17.4R3 through 17.4R3-S0
Juniper Networks Junos OS on EX and QFX Series versions 18.1 through 18.1R3-S7
Juniper Networks Junos OS on EX and QFX Series versions 18.2 through 18.2R1
Juniper Networks Junos OS on EX and QFX Series versions 18.3 through 18.3R1-S6
Description:
The issue is an authentication bypass vulnerability that may allow a user connected to the console port to log in as root without any password. It might occur only in certain scenarios: at the first reboot after a device factory reset performed with the command “request system zeroize”, or for a temporary moment during the first reboot after a software upgrade when the device is configured in Virtual Chassis mode.
Recommendations:
For versions 14.1X53 through 14.1X53-D52, update to version 14.1X53-D53 or later.
For versions 15.1 through 15.1R7-S3, update to version 15.1R7-S4 or later.
For versions 15.1X53 through 15.1X53-D592, update to version 15.1X53-D593 or later.
For versions 16.1 through 16.1R7-S3, update to version 16.1R7-S4 or later.
For versions 17.1 through 17.1R2-S10, update to version 17.1R2-S11 or later.
For versions 17.1R3 through 17.1R3-S0, update to version 17.1R3-S1 or later.
For versions 17.2 through 17.2R3-S2, update to version 17.2R3-S3 or later.
For versions 17.3 through 17.3R2-S4, update to version 17.3R2-S5 or later.
For versions 17.3R3 through 17.3R3-S5, update to version 17.3R3-S6 or later.
For versions 17.4 through 17.4R2-S8, update to version 17.4R2-S9 or later.
For versions 17.4R3 through 17.4R3-S0, update to version 17.4R3 or later.
For versions 18.1 through 18.1R3-S7, update to version 18.1R3-S8 or later.
For versions 18.2 through 18.2R1, update to version 18.2R2 or later.
For versions 18.3 through 18.3R1-S6, update to version 18.3R1-S7 or later.
Fix
Improper Authentication
Authentication Bypass Using an Alternate Path or Channel
Affected Products
Junos