Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
CVE-2018-0025
CVE information
Published
Last Modified
CVSSv2.0 Severity
CVSSv3.1 Severity
Impact Analysis
Description
When an SRX Series device is configured to use HTTP/HTTPS pass-through authentication services, a client sending authentication credentials in the initial HTTP/HTTPS session is at risk that these credentials may be captured during follow-on HTTP/HTTPS requests by a malicious actor through a man-in-the-middle attack or by authentic servers subverted by malicious actors. FTP, and Telnet pass-through authentication services are not affected. Affected releases are Juniper Networks SRX Series: 12.1X46 versions prior to 12.1X46-D67 on SRX Series; 12.3X48 versions prior to 12.3X48-D25 on SRX Series; 15.1X49 versions prior to 15.1X49-D35 on SRX Series..
CVSSv2.0 Score
- Severity
- Medium
- Base Score
- 4.3/10
- Exploit Score
- 8.6/10
- Access Vector
- Network
- Access Complexity
- Medium
- Authentication Required
- None
- Impact Score
- 2.9/10
- Confidentiality Impact
- Partial
- Availability Impact
- None
- Integrity Impact
- None
CVSSv3.1 Score
- Severity
- High
- Base Score
- 8.1/10
- Exploit Score
- 2.2/10
- Access Vector
- Network
- Access Complexity
- High
- Privileges Required
- None
- Impact Score
- 5.9/10
- Confidentiality Impact
- High
- Availability Impact
- High
- Integrity Impact
- High
- Scope
- Unchanged
- User Interaction
- None
Products Affected
CPE | Affected | Vulnerable | Excluding | Edit |
---|---|---|---|---|
cpe:2.3:o:juniper:junos:12.1x46:d60:*:*:*:*:*:* |
Yes
|
- | ||
cpe:2.3:o:juniper:junos:12.1x46:d30:*:*:*:*:*:* |
Yes
|
- | ||
cpe:2.3:o:juniper:junos:12.1x46:d45:*:*:*:*:*:* |
Yes
|
- | ||
cpe:2.3:o:juniper:junos:12.1x46:d50:*:*:*:*:*:* |
Yes
|
- | ||
cpe:2.3:o:juniper:junos:12.1x46:d25:*:*:*:*:*:* |
Yes
|
- | ||
cpe:2.3:o:juniper:junos:12.1x46:*:*:*:*:*:*:* |
Yes
|
- | ||
cpe:2.3:o:juniper:junos:12.1x46:d65:*:*:*:*:*:* |
Yes
|
- | ||
cpe:2.3:o:juniper:junos:12.1x46:d35:*:*:*:*:*:* |
Yes
|
- | ||
cpe:2.3:o:juniper:junos:12.1x46:d20:*:*:*:*:*:* |
Yes
|
- | ||
cpe:2.3:o:juniper:junos:12.1x46:d40:*:*:*:*:*:* |
Yes
|
- | ||
cpe:2.3:o:juniper:junos:12.1x46:d15:*:*:*:*:*:* |
Yes
|
- | ||
cpe:2.3:o:juniper:junos:12.1x46:d10:*:*:*:*:*:* |
Yes
|
- | ||
cpe:2.3:o:juniper:junos:12.1x46:d55:*:*:*:*:*:* |
Yes
|
- | ||
cpe:2.3:o:juniper:junos:12.1x46:d66:*:*:*:*:*:* |
Yes
|
- | ||
cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:o:juniper:junos:12.3x48:d10:*:*:*:*:*:* |
Yes
|
- | ||
cpe:2.3:o:juniper:junos:12.3x48:d15:*:*:*:*:*:* |
Yes
|
- | ||
cpe:2.3:o:juniper:junos:12.3x48:*:*:*:*:*:*:* |
Yes
|
- | ||
cpe:2.3:o:juniper:junos:12.3x48:d20:*:*:*:*:*:* |
Yes
|
- | ||
cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:* |
Yes
|
- | ||
cpe:2.3:o:juniper:junos:15.1x49:*:*:*:*:*:*:* |
Yes
|
- | ||
cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:* |
Yes
|
- | ||
cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:* |
Yes
|
- | ||
cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx110:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:* |
No
|
- | ||
cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:* |
No
|
- |
References
- https://www.juniper.net/documentation/en_US/junos/topics/example/security-https-traffic-
- https://www.juniper.net/documentation/en_US/junos/topics/example/firewall-user-authentic
- https://www.juniper.net/documentation/en_US/junos/topics/concept/firewall-user-authentic
- https://kb.juniper.net/JSA10858
- http://www.securityfocus.com/bid/104719
- http://www.securitytracker.com/id/1041316