CVE-2018-0008 : Security Advisory and Response
Learn about CVE-2018-0008, a vulnerability in Junos OS that may allow unauthenticated root login after a reboot. Find out the impacted systems, exploitation details, and mitigation steps.
After a device administrator configures a commit script under the [system scripts commit] stanza, there is a possibility of an unauthenticated root login upon reboot. This issue affects various versions of Juniper Networks Junos OS on different platforms.
Understanding CVE-2018-0008
This CVE involves a vulnerability in Junos OS that could allow unauthenticated root login after a reboot due to the use of commit scripts.
What is CVE-2018-0008?
An unauthenticated root login may occur upon reboot when a commit script is used, potentially allowing unauthorized access to the system.
The Impact of CVE-2018-0008
- CVSS Base Score: 6.2 (Medium)
- Attack Vector: Physical
- Confidentiality Impact: High
- Integrity Impact: High
- Availability Impact: High
- Privileges Required: High
- Scope: Unchanged
- User Interaction: None
- Vector String: CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Technical Details of CVE-2018-0008
This section provides detailed technical information about the vulnerability.
Vulnerability Description
The vulnerability allows unauthenticated root access upon reboot when certain commit scripts are configured, potentially leading to unauthorized system access.
Affected Systems and Versions
The following Junos OS versions and platforms are affected:
- Junos OS 12.1X46 versions prior to 12.1X46-D71 on SRX
- Junos OS 12.3X48 versions prior to 12.3X48-D55 on SRX
- Junos OS 14.1 versions prior to 14.1R9
- Junos OS 14.1X53 versions prior to 14.1X53-D40 on QFX, EX
- Junos OS 14.2 versions prior to 14.2R7-S9, 14.2R8
- Junos OS 15.1 versions prior to 15.1F5-S7, 15.1F6-S8, 15.1R5-S6, 15.1R6
- Junos OS 15.1X49 versions prior to 15.1X49-D110 on SRX
- Junos OS 15.1X53 versions prior to 15.1X53-D232 on QFX5200/5110
- Junos OS 15.1X53 versions prior to 15.1X53-D49, 15.1X53-D470 on NFX
- Junos OS 15.1X53 versions prior to 15.1X53-D65 on QFX10K
- Junos OS 16.1 versions prior to 16.1R2
Exploitation Mechanism
Juniper SIRT has not detected any malicious exploitation of this vulnerability.
Mitigation and Prevention
To address CVE-2018-0008, follow these mitigation steps:
Immediate Steps to Take
- Upgrade to the fixed software releases: 12.1X46-D71, 12.3X48-D55, 14.1R9, 14.1X53-D40, 14.2R7-S9, 14.2R8, 15.1F5-S7, 15.1R5-S6, 15.1R6, 15.1X49-D110, 15.1X53-D232, 15.1X53-D65, 16.1R2, 16.2R1, or later.
Long-Term Security Practices
- Regularly update and patch Junos OS to the latest versions to prevent vulnerabilities.
Patching and Updates
Ensure all affected systems are updated with the latest software releases to mitigate the risk of unauthenticated root login vulnerabilities.