SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Device (Router/Bridge/Hub)  >   Juniper Junos Vendors:   Juniper
Juniper Junos Reboot Issue Lets Remote Users Bypass the Firewall
SecurityTracker Alert ID:  1041315
SecurityTracker URL:  http://securitytracker.com/id/1041315
CVE Reference:   CVE-2018-0026   (Links to External Site)
Date:  Jul 19 2018
Impact:   Host/resource access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 15.1, 15.1X8
Description:   A vulnerability was reported in Juniper Junos. A remote user can bypass security controls on the target system.

After the device reboots or is upgraded, the stateless firewall filter configuration may not be applied. In this case, a remote user can bypass the firewall to access resources on the target system or network.

After Junos OS device reboot or upgrade, the stateless firewall filter configuration may not take effect.

Firewall filters for every address family are affected.

The vendor has assigned PR 1161832 to this vulnerability.

Impact:   A remote user can bypass the firewall to access hosts or resources on the protected network.
Solution:   The vendor has issued a fix (15.1R7, 15.1X8.3).

The vendor advisory is available at:

https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10859

Vendor URL:  kb.juniper.net/InfoCenter/index?page=content&id=JSA10859 (Links to External Site)
Cause:   Access control error

Message History:   None.


 Source Message Contents

Subject:  https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10859

 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC