← Back

CVE-2018-0025

nvd nist
Published: Jul 11, 2018Modified: Nov 21, 2024

JSON object

Loading...
8.1
Vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 2.2 / Impact: 5.9
Source: NVD

Description

When an SRX Series device is configured to use HTTP/HTTPS pass-through authentication services, a client sending authentication credentials in the initial HTTP/HTTPS session is at risk that these credentials may be captured during follow-on HTTP/HTTPS requests by a malicious actor through a man-in-the-middle attack or by authentic servers subverted by malicious actors. FTP, and Telnet pass-through authentication services are not affected. Affected releases are Juniper Networks SRX Series: 12.1X46 versions prior to 12.1X46-D67 on SRX Series; 12.3X48 versions prior to 12.3X48-D25 on SRX Series; 15.1X49 versions prior to 15.1X49-D35 on SRX Series.

Affected (22)

Products: Juniper: Junos
Juniper
1 product
Junos
Configuration A
14 vulnerable
Vulnerable SoftwareAffected Versions
Juniper
Junos
Version 12.1x46
Junos
Version 12.1x46 d10
Junos
Version 12.1x46 d15
Junos
Version 12.1x46 d20
Junos
Version 12.1x46 d25
Junos
Version 12.1x46 d30
Junos
Version 12.1x46 d35
Junos
Version 12.1x46 d40
Junos
Version 12.1x46 d45
Junos
Version 12.1x46 d50
Junos
Version 12.1x46 d55
Junos
Version 12.1x46 d60
Junos
Version 12.1x46 d65
Junos
Version 12.1x46 d66
Configuration B
4 vulnerable
Vulnerable SoftwareAffected Versions
Juniper
Junos
Version 12.3x48
Junos
Version 12.3x48 d10
Junos
Version 12.3x48 d15
Junos
Version 12.3x48 d20
Configuration C
4 vulnerable · 20 platform
Vulnerable SoftwareAffected Versions
Juniper
Junos
Version 15.1x49
Junos
Version 15.1x49 d10
Junos
Version 15.1x49 d20
Junos
Version 15.1x49 d30
Running on/withPlatform Versions
Juniper
Srx100
All versions
Juniper
Srx110
All versions
Juniper
Srx1400
All versions
Juniper
Srx1500
All versions
Juniper
Srx210
All versions
Juniper
Srx220
All versions
Juniper
Srx240
All versions
Juniper
Srx300
All versions
Juniper
Srx320
All versions
Juniper
Srx340
All versions
Juniper
Srx3400
All versions
Juniper
Srx345
All versions
Juniper
Srx3600
All versions
Juniper
Srx4100
All versions
Juniper
Srx4200
All versions
Juniper
Srx5400
All versions
Juniper
Srx550
All versions
Juniper
Srx5600
All versions
Juniper
Srx5800
All versions
Juniper
Srx650
All versions

Related CWEs

CWE-300
Channel Accessible by Non-Endpoint
The product does not adequately verify the identity of actors at both ends of a communication channel, or does not adequately ensure the integrity of the channel, in a way that allows the channel to be accessed or influenced by an actor that is not an endpoint.
CWE-319
Cleartext Transmission of Sensitive Information
The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.

References (12)

Source: sirt@juniper.net
Third Party AdvisoryVDB Entry
Source: sirt@juniper.net
Third Party AdvisoryVDB Entry
Source: sirt@juniper.net
MitigationVendor Advisory
Source: sirt@juniper.net
Vendor Advisory
Source: sirt@juniper.net
Vendor Advisory
Source: sirt@juniper.net
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
MitigationVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.