CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
EPSS
Percentile
12.6%
The Juniper Device Manager (JDM) container, used by the disaggregated Junos OS architecture on Juniper Networks NFX350 Series devices, stores password hashes in the world-readable file /etc/passwd. This is not a security best current practice as it can allow an attacker with access to the local filesystem the ability to brute-force decrypt password hashes stored on the system. This issue affects Juniper Networks Junos OS on NFX350: 19.4 versions prior to 19.4R3; 20.1 versions prior to 20.1R1-S4, 20.1R2.
Vendor | Product | Version | CPE |
---|---|---|---|
juniper | nfx350 | - | cpe:2.3:h:juniper:nfx350:-:*:*:*:*:*:*:* |
juniper | junos | 19.4 | cpe:2.3:o:juniper:junos:19.4:r1:*:*:*:*:*:* |
juniper | junos | 19.4 | cpe:2.3:o:juniper:junos:19.4:r1-s1:*:*:*:*:*:* |
juniper | junos | 19.4 | cpe:2.3:o:juniper:junos:19.4:r1-s2:*:*:*:*:*:* |
juniper | junos | 19.4 | cpe:2.3:o:juniper:junos:19.4:r2:*:*:*:*:*:* |
juniper | junos | 20.1 | cpe:2.3:o:juniper:junos:20.1:r1:*:*:*:*:*:* |
juniper | junos | 20.1 | cpe:2.3:o:juniper:junos:20.1:r1-s1:*:*:*:*:*:* |
juniper | junos | 20.1 | cpe:2.3:o:juniper:junos:20.1:r1-s2:*:*:*:*:*:* |
juniper | junos | 20.1 | cpe:2.3:o:juniper:junos:20.1:r1-s3:*:*:*:*:*:* |
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
EPSS
Percentile
12.6%