VYPR
Unrated severityNVD Advisory· Published Apr 22, 2021· Updated Sep 17, 2024

cSRX: Use of Hard-coded Cryptographic Keys allows an attacker to take control of the device through device management services.

CVE-2021-0266

Description

The use of multiple hard-coded cryptographic keys in cSRX Series software in Juniper Networks Junos OS allows an attacker to take control of any instance of a cSRX deployment through device management services. This issue affects: Juniper Networks Junos OS on cSRX Series: All versions prior to 20.2R3; 20.3 versions prior to 20.3R2; 20.4 versions prior to 20.4R2.

Affected products

2
  • Juniper Networks/Junosllm-fuzzy2 versions
    prior to 20.2R3, 20.3 prior to 20.3R2, 20.4 prior to 20.4R2+ 1 more
    • (no CPE)range: prior to 20.2R3, 20.3 prior to 20.3R2, 20.4 prior to 20.4R2
    • (no CPE)range: unspecified

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.