Critical severity9.8CISA KEVNVD Advisory· Published Dec 19, 2015· Updated Apr 21, 2026
CVE-2015-7755
CVE-2015-7755
Description
Juniper ScreenOS 6.2.0r15 through 6.2.0r18, 6.3.0r12 before 6.3.0r12b, 6.3.0r13 before 6.3.0r13b, 6.3.0r14 before 6.3.0r14b, 6.3.0r15 before 6.3.0r15b, 6.3.0r16 before 6.3.0r16b, 6.3.0r17 before 6.3.0r17b, 6.3.0r18 before 6.3.0r18b, 6.3.0r19 before 6.3.0r19b, and 6.3.0r20 before 6.3.0r21 allows remote attackers to obtain administrative access by entering an unspecified password during a (1) SSH or (2) TELNET session.
Affected products
4cpe:2.3:o:juniper:screenos:6.3.0:r17:*:*:*:*:*:*+ 3 more
- cpe:2.3:o:juniper:screenos:6.3.0:r17:*:*:*:*:*:*
- cpe:2.3:o:juniper:screenos:6.3.0:r18:*:*:*:*:*:*
- cpe:2.3:o:juniper:screenos:6.3.0:r19:*:*:*:*:*:*
- cpe:2.3:o:juniper:screenos:6.3.0:r20:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
11- kb.juniper.net/InfoCenter/indexnvdExploitVendor Advisory
- arstechnica.com/security/2015/12/unauthorized-code-in-juniper-firewalls-decrypts-encrypted-vpn-traffic/nvdThird Party Advisory
- www.kb.cert.org/vuls/id/640184nvdThird Party Advisory
- www.wired.com/2015/12/juniper-networks-hidden-backdoors-show-the-risk-of-government-backdoors/nvdThird Party Advisory
- adamcaudill.com/2015/12/17/much-ado-about-juniper/nvdThird Party Advisory
- forums.juniper.net/t5/Security-Incident-Response/Important-Announcement-about-ScreenOS/ba-p/285554nvdVendor Advisory
- twitter.com/cryptoron/statuses/677900647560253442nvdBroken Link
- www.forbes.com/sites/thomasbrewster/2015/12/18/juniper-says-it-didnt-work-with-government-to-add-unauthorized-code-to-network-gear/nvdPermissions Required
- www.securityfocus.com/bid/79626nvdBroken Link
- www.securitytracker.com/id/1034489nvdBroken Link
- www.cisa.gov/known-exploited-vulnerabilities-catalognvdUS Government Resource
News mentions
0No linked articles in our index yet.