High severity7.8NVD Advisory· Published Aug 5, 2016· Updated Jun 17, 2026
CVE-2016-1278
CVE-2016-1278
Description
Juniper Junos OS before 12.1X46-D50 on SRX Series devices reverts to "safe mode" authentication and allows root CLI logins without a password after a failed upgrade to 12.1X46, which might allow local users to gain privileges by leveraging use of the "request system software" command with the "partition" option.
Affected products
2cpe:2.3:o:juniper:junos:*:d45:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:juniper:junos:*:d45:*:*:*:*:*:*range: <=12.1x46
- (no CPE)range: <12.1X46-D50
Patches
Vulnerability mechanics
References
3- kb.juniper.net/InfoCenter/indexnvdMitigationVendor Advisory
- www.securityfocus.com/bid/91757nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1036307nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.