PT-2021-12959 · Juniper Networks · Junos
Published
2021-04-22
·
Updated
2021-04-27
·
CVE-2021-0248
CVSS v3.1
10
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
Juniper Networks Junos OS versions prior to 19.1R1 on NFX Series
Description:
The issue allows an attacker to take over any instance of an NFX deployment through the use of hard-coded credentials in Juniper Networks Junos OS. This issue is only exploitable through administrative interfaces. It does not affect NFX NextGen Software or platforms other than NFX Series devices.
Recommendations:
For Juniper Networks Junos OS versions prior to 19.1R1 on NFX Series, update to version 19.1R1 or later to resolve the issue. As a temporary workaround, consider restricting access to administrative interfaces to minimize the risk of exploitation.
Fix
Using Hardcoded Credentials
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Junos