CVE-2018-0008 — Improper Authentication in Networks Junos OS
Severity
6.2MEDIUMNVD
EPSS
0.2%
top 64.27%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJan 10
Latest updateMay 13
Description
An unauthenticated root login may allow upon reboot when a commit script is used. A commit script allows a device administrator to execute certain instructions during commit, which is configured under the [system scripts commit] stanza. Certain commit scripts that work without a problem during normal commit may cause unexpected behavior upon reboot which can leave the system in a state where root CLI login is allowed without a password due to the system reverting to a "safe mode" authentication …
CVSS vector
CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 0.3 | Impact: 5.9
Affected Packages5 packages
🔴Vulnerability Details
1GHSA▶
GHSA-95c8-g3xm-ffh5: An unauthenticated root login may allow upon reboot when a commit script is used↗2022-05-13
📋Vendor Advisories
3VMware▶
VMware product updates enable Hypervisor-Specific Mitigations, Hypervisor-Assisted Guest Mitigations, and Operating System-Specific Mitigations for Microarchitectural Data Sampling (MDS) Vulnerabiliti↗2019-05-14
Juniper▶
CVE-2018-0008: An unauthenticated root login may allow upon reboot when a commit script is used. A commit script allows a device administrator to execute certain ins↗2018-01-10
💬Community
4Bugzilla▶
CVE-2018-18625 grafana: XSS vulnerability via a link on the "Dashboard > All Panels > General" screen↗2020-06-24
Bugzilla▶
CVE-2018-18624 grafana: XSS vulnerability via a column style on the "Dashboard > Table Panel" screen↗2020-06-24
Bugzilla
▶
Bugzilla▶
CVE-2018-1133 CVE-2018-1134 CVE-2018-1135 CVE-2018-1136 CVE-2018-1137 moodle: Six security issues fixed in the latest release↗2018-05-25