VYPR
High severity7.8NVD Advisory· Published Aug 5, 2016· Updated Jun 17, 2026

CVE-2016-1278

CVE-2016-1278

Description

Juniper Junos OS before 12.1X46-D50 on SRX Series devices reverts to "safe mode" authentication and allows root CLI logins without a password after a failed upgrade to 12.1X46, which might allow local users to gain privileges by leveraging use of the "request system software" command with the "partition" option.

Affected products

2
  • cpe:2.3:o:juniper:junos:*:d45:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:juniper:junos:*:d45:*:*:*:*:*:*range: <=12.1x46
    • (no CPE)range: <12.1X46-D50

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.