← Back

CVE-2021-0248

nvd nist
Published: Apr 22, 2021Modified: Nov 21, 2024

JSON object

Loading...
10.0
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 6.0
Source: sirt@juniper.net (Secondary)

Description

This issue is not applicable to NFX NextGen Software. On NFX Series devices the use of Hard-coded Credentials in Juniper Networks Junos OS allows an attacker to take over any instance of an NFX deployment. This issue is only exploitable through administrative interfaces. This issue affects: Juniper Networks Junos OS versions prior to 19.1R1 on NFX Series. No other platforms besides NFX Series devices are affected.

Affected (2)

Products: Juniper: Junos
Juniper
1 product
Junos
Configuration A
2 vulnerable · 3 platform
Vulnerable SoftwareAffected Versions
Juniper
Junos
Before 19.1
Junos
Version 19.1
Running on/withPlatform Versions
Juniper
Nfx150
All versions
Juniper
Nfx250
All versions
Juniper
Nfx350
All versions

Related CWEs

CWE-798
Use of Hard-coded Credentials
The product contains hard-coded credentials, such as a password or cryptographic key.

References (2)

Source: sirt@juniper.net
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.