CVE-2021-0266
published 2021-04-22CVE-2021-0266: The use of multiple hard-coded cryptographic keys in cSRX Series software in Juniper Networks Junos OS allows an attacker to take control of any instance of a…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
The use of multiple hard-coded cryptographic keys in cSRX Series software in Juniper Networks Junos OS allows an attacker to take control of any instance of a cSRX deployment through device management services. This issue affects: Juniper Networks Junos OS on cSRX Series: All versions prior to 20.2R3; 20.3 versions prior to 20.3R2; 20.4 versions prior to 20.4R2.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos_os | — | — |
| juniper | srx_series | — | — |
| juniper_networks | junos_os | >= 20.3 < 20.3R2 | 20.3R2 |
| juniper_networks | junos_os | >= 20.4 < 20.4R2 | 20.4R2 |
| juniper_networks | junos_os | >= unspecified < 20.2R3 | 20.2R3 |
GHSA
GHSA-9frr-8rxx-97f3: The use of multiple hard-coded cryptographic keys in cSRX Series software in Juniper Networks Junos OS allows an attacker to take control of any insta
ghsa_unreviewed·2022-05-24
CVE-2021-0266 [HIGH] CWE-798 GHSA-9frr-8rxx-97f3: The use of multiple hard-coded cryptographic keys in cSRX Series software in Juniper Networks Junos OS allows an attacker to take control of any insta
The use of multiple hard-coded cryptographic keys in cSRX Series software in Juniper Networks Junos OS allows an attacker to take control of any instance of a cSRX deployment through device management services. This issue affects: Juniper Networks Junos OS on cSRX Series: All versions prior to 20.2R3; 20.3 versions prior to 20.3R2; 20.4 versions prior to 20.4R2.
Juniper
CVE-2021-0266: The use of multiple hard-coded cryptographic keys in cSRX Series software in Juniper Networks Junos OS allows an attacker to take control of any insta
vendor_juniper·2021-04-22·CVSS 8.1
CVE-2021-0266 [HIGH] CWE-321 CVE-2021-0266: The use of multiple hard-coded cryptographic keys in cSRX Series software in Juniper Networks Junos OS allows an attacker to take control of any insta
CVE-2021-0266: The use of multiple hard-coded cryptographic keys in cSRX Series software in Juniper Networks Junos OS allows an attacker to take control of any instance of a cSRX deployment through device management services. This issue affects: Juniper Networks Junos OS on cSRX Series: All versions prior to 20.2R3; 20.3 versions prior to 20.3R2; 20.4 versions prior to 20.4R2.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2021-04-22
Published