Unrated severityNVD Advisory· Published Apr 22, 2021· Updated Sep 17, 2024
cSRX: Use of Hard-coded Cryptographic Keys allows an attacker to take control of the device through device management services.
CVE-2021-0266
Description
The use of multiple hard-coded cryptographic keys in cSRX Series software in Juniper Networks Junos OS allows an attacker to take control of any instance of a cSRX deployment through device management services. This issue affects: Juniper Networks Junos OS on cSRX Series: All versions prior to 20.2R3; 20.3 versions prior to 20.3R2; 20.4 versions prior to 20.4R2.
Affected products
2prior to 20.2R3, 20.3 prior to 20.3R2, 20.4 prior to 20.4R2+ 1 more
- (no CPE)range: prior to 20.2R3, 20.3 prior to 20.3R2, 20.4 prior to 20.4R2
- (no CPE)range: unspecified
Patches
Vulnerability mechanics
References
1- kb.juniper.net/JSA11157mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.