CVE-2018-0025Channel Accessible by Non-Endpoint in Networks Junos OS

CWE-300Channel Accessible by Non-EndpointCWE-319Cleartext Transmission of Sensitive Info5 documents5 sources
Severity
8.1HIGHNVD
EPSS
0.2%
top 56.45%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Juniper Networks Junos OSJuniper JunosJuniper SRX Series
Timeline
PublishedJul 11
Latest updateMay 13

Description

When an SRX Series device is configured to use HTTP/HTTPS pass-through authentication services, a client sending authentication credentials in the initial HTTP/HTTPS session is at risk that these credentials may be captured during follow-on HTTP/HTTPS requests by a malicious actor through a man-in-the-middle attack or by authentic servers subverted by malicious actors. FTP, and Telnet pass-through authentication services are not affected. Affected releases are Juniper Networks SRX Series: 12.1X4

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.2 | Impact: 5.9

Affected Packages3 packages

CVEListV5juniper_networks/junos_os12.1X4612.1X46-D67+2
NVDjuniper/junos12.1x46, 12.3x48, 15.1x49+2

🔴Vulnerability Details

1
GHSA
GHSA-2g26-r5g4-jhv2: When an SRX Series device is configured to use HTTP/HTTPS pass-through authentication services, a client sending authentication credentials in the ini2022-05-13

💥Exploits & PoCs

1
Exploit-DB
Microsoft Edge Chakra JIT - Parameter Scope Parsing Type Confusion2018-08-17

📋Vendor Advisories

1
Juniper
CVE-2018-0025: When an SRX Series device is configured to use HTTP/HTTPS pass-through authentication services, a client sending authentication credentials in the ini2018-07-11
CVE-2018-0025 — Channel Accessible by Non-Endpoint | cvebase