CVE-2018-0035 : What You Need to Know
QFX5200 and QFX10002 devices with certain Junos OS versions may have an unintended ONIE partition, allowing unauthorized access. Learn about the impact, mitigation steps, and long-term security practices.
QFX5200 and QFX10002 devices with certain Junos OS versions may have an unintended ONIE partition, posing security risks.
Understanding CVE-2018-0035
This CVE involves the presence of an additional Open Network Install Environment (ONIE) partition in specific Junos OS versions for QFX5200 and QFX10002 devices.
What is CVE-2018-0035?
- Devices may contain an unintended ONIE partition allowing unauthorized access after reboot
- Superuser can access console or SSH without a password
The Impact of CVE-2018-0035
- High availability impact with a CVSS base score of 4.4
- No confidentiality or integrity impact
- Denial of Service vulnerability
Technical Details of CVE-2018-0035
Affected Systems and Versions
- Platforms: QFX5200 and QFX10002
- Product: Junos OS
- Vulnerable Version: 15.1X53-D60 and below
Vulnerability Description
- Unintended ONIE partition in affected Junos OS versions
- Allows unauthorized access as root without a password
Affected Systems and Versions
- Junos OS versions 15.1X53-D21 to 15.1X53-D60
Exploitation Mechanism
- Local attack vector with high privileges required
- No known malicious exploitation reported
Mitigation and Prevention
Immediate Steps to Take
- Reimage the device using USB or PXE image from Juniper download page
Long-Term Security Practices
- Limit access to trusted networks or hosts
- Restrict CLI access to trusted administrators
Patching and Updates
- Affected Junos image files removed from Juniper download page