CVE-2021-0248
NFX Series: Hard-coded credentials allow an attacker to take control of any instance through administrative interfaces.
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
This issue is not applicable to NFX NextGen Software. On NFX Series devices the use of Hard-coded Credentials in Juniper Networks Junos OS allows an attacker to take over any instance of an NFX deployment. This issue is only exploitable through administrative interfaces. This issue affects: Juniper Networks Junos OS versions prior to 19.1R1 on NFX Series. No other platforms besides NFX Series devices are affected.
Este problema no es aplicable al Software NFX NextGen. En los dispositivos de la Serie NFX, el uso de credenciales Embebidas en Juniper Networks Junos OS, permite a un atacante tomar el control de cualquier instancia de una implementación de NFX. Este problema solo es explotable por medio de interfaces administrativas. Este problema afecta a: Juniper Networks Junos OS versiones anteriores a 19.1R1 en la serie NFX. No están afectadas otras plataformas además de los dispositivos de la serie NFX
CVSS Scores
SSVC
- Decision:-
Timeline
- 2020-10-27 CVE Reserved
- 2021-04-22 CVE Published
- 2024-01-06 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-798: Use of Hard-coded Credentials
CAPEC
References (1)
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | < 19.1 Search vendor "Juniper" for product "Junos" and version " < 19.1" | - |
Affected
| in | Juniper Search vendor "Juniper" | Nfx150 Search vendor "Juniper" for product "Nfx150" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | < 19.1 Search vendor "Juniper" for product "Junos" and version " < 19.1" | - |
Affected
| in | Juniper Search vendor "Juniper" | Nfx250 Search vendor "Juniper" for product "Nfx250" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | < 19.1 Search vendor "Juniper" for product "Junos" and version " < 19.1" | - |
Affected
| in | Juniper Search vendor "Juniper" | Nfx350 Search vendor "Juniper" for product "Nfx350" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.1 Search vendor "Juniper" for product "Junos" and version "19.1" | - |
Affected
| in | Juniper Search vendor "Juniper" | Nfx150 Search vendor "Juniper" for product "Nfx150" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.1 Search vendor "Juniper" for product "Junos" and version "19.1" | - |
Affected
| in | Juniper Search vendor "Juniper" | Nfx250 Search vendor "Juniper" for product "Nfx250" | - | - |
Safe
|
| Juniper Search vendor "Juniper" | Junos Search vendor "Juniper" for product "Junos" | 19.1 Search vendor "Juniper" for product "Junos" and version "19.1" | - |
Affected
| in | Juniper Search vendor "Juniper" | Nfx350 Search vendor "Juniper" for product "Nfx350" | - | - |
Safe
|