CVE-2018-0035 — Networks Junos OS vulnerability

3 documents3 sources

Severity

9.8CRITICALNVD

EPSS

0.3%

top 50.12%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Juniper Networks Junos OS Juniper Junos Juniper Junos OS +1 more

Timeline

PublishedJul 11

Latest updateMay 13

Description

QFX5200 and QFX10002 devices that have been shipped with Junos OS 15.1X53-D21, 15.1X53-D30, 15.1X53-D31, 15.1X53-D32, 15.1X53-D33 and 15.1X53-D60 or have been upgraded to these releases using the .bin or .iso images may contain an unintended additional Open Network Install Environment (ONIE) partition. This additional partition allows the superuser to reboot to the ONIE partition which will wipe out the content of the Junos partition and its configuration. Once rebooted, the ONIE partition will …

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages4 packages

▶CVEListV5juniper_networks/junos_os15.1X53 — 15.1X53-D60

▶NVDjuniper/junos15.1x53

▶juniperjuniper/junos_os

▶juniperjuniper/qfx_series

🔴Vulnerability Details

GHSA

GHSA-g949-ppgf-vg49: QFX5200 and QFX10002 devices that have been shipped with Junos OS 15↗2022-05-13

▶

📋Vendor Advisories

Juniper

CVE-2018-0035: QFX5200 and QFX10002 devices that have been shipped with Junos OS 15.1X53-D21, 15.1X53-D30, 15.1X53-D31, 15.1X53-D32, 15.1X53-D33 and 15.1X53-D60 or h↗2018-07-11

▶