Junos RADIUS Unintended Authentication Vulnerability
Information
Severity
Family
CVSSv2 Base
CVSSv2 Vector
Solution Type
Created
Modified
Summary
Junos OS is prone to a security bypass vulnerability.
Insight
When a RADIUS authentication server is configured under [system radius-server], an entry is created in /var/etc/pam_radius.conf. An issue was discovered where RADIUS accounting servers configured under [system accounting destination radius] are also propagated to pam_radius.conf. If the same RADIUS server is used for both authentication and accounting (a common configuration), the issue is less severe, since RADIUS authentication is still sent to the intended server despite the duplicate entries. However, if the RADIUS authentication server is later removed from the configuration, the duplicate entry created by the RADIUS accounting server configuration remains in pam_radius.conf, which can also lead to unintended authentication success.
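The check a defender would want after reading the insight above, as an added Python example (not Mageni's or Juniper's code): parse a pam_radius.conf and flag every entry that is not a configured authentication server, i.e. accounting-only or stale entries that PAM would still consult. The file format (one `server[:port] secret [timeout]` per line), the sample addresses and the two server sets are assumptions.

```python
"""Audit a Junos pam_radius.conf for entries that are not authentication servers.
Assumes the usual pam_radius layout: one 'server[:port] secret [timeout]' per line."""
from typing import Dict, List, Set, Tuple

# Constructed sample: the authentication server was removed from
# [system radius-server], but pam_radius.conf still lists both the old
# authentication server and the accounting-only server.
SAMPLE_PAM_RADIUS_CONF = """\
# server[:port]   shared_secret   timeout
192.0.2.10:1812   s3cret          3
192.0.2.20:1813   acct-s3cret     3
"""
AUTH_SERVERS: Set[str] = set()            # [system radius-server] is now empty
ACCT_SERVERS: Set[str] = {"192.0.2.20"}   # [system accounting destination radius]


def parse_pam_radius_conf(text: str) -> List[Dict[str, str]]:
    """Return one dict per server line, skipping comments, blanks and short lines."""
    entries = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        fields = line.split()
        if len(fields) < 2:           # needs at least server and secret
            continue
        host, _, port = fields[0].partition(":")
        entries.append({"host": host, "port": port or "1812", "secret": fields[1]})
    return entries


def find_unintended_auth_servers(text: str, auth_servers: Set[str],
                                 acct_servers: Set[str]) -> List[Tuple[str, str, str]]:
    """Classify each pam_radius entry; anything that is not a configured
    authentication server would be consulted by PAM as if it were one."""
    findings = []
    for e in parse_pam_radius_conf(text):
        if e["host"] in auth_servers:
            continue                  # intended authentication server
        reason = ("accounting-only server" if e["host"] in acct_servers
                  else "stale entry (no longer configured)")
        findings.append((e["host"], e["port"], reason))
    return findings


if __name__ == "__main__":
    for host, port, reason in find_unintended_auth_servers(
            SAMPLE_PAM_RADIUS_CONF, AUTH_SERVERS, ACCT_SERVERS):
        print(f"{host}:{port} -> {reason}")
```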
Affected Software
Junos OS 11.4, 12.1, 12.2, 12.3, 13.1, 13.2 and 13.3
Detection Method
Checks if a vulnerable OS build is present on the target host.
Solution
New builds of Junos OS software are available from Juniper.