Unrated severityNVD Advisory· Published Oct 10, 2018· Updated Sep 16, 2024
NFX Series: Insecure sshd configuration in Juniper Device Manager (JDM) and host OS
CVE-2018-0044
Description
An insecure SSHD configuration in Juniper Device Manager (JDM) and host OS on Juniper NFX Series devices may allow remote unauthenticated access if any of the passwords on the system are empty. The affected SSHD configuration has the PermitEmptyPasswords option set to "yes". Affected releases are Juniper Networks Junos OS: 18.1 versions prior to 18.1R4 on NFX Series.
Affected products
3<18.1R4 on NFX Series+ 1 more
- (no CPE)range: <18.1R4 on NFX Series
- (no CPE)range: 18.1
Patches
Vulnerability mechanics
References
2- www.securityfocus.com/bid/105565mitrevdb-entryx_refsource_BID
- kb.juniper.net/JSA10878mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.