Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Informations
Name CVE-2020-1614 First vendor Publication 2020-04-08
Vendor Cve Last vendor Modification 2020-07-29

Security-Database Scoring CVSS v3

Cvss vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Overall CVSS Score 10
Base Score 10 Environmental Score 10
impact SubScore 6 Temporal Score 10
Exploitabality Sub Score 3.9
 
Attack Vector Network Attack Complexity Low
Privileges Required None User Interaction None
Scope Changed Confidentiality Impact High
Integrity Impact High Availability Impact High
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score 9.3 Attack Range Network
Cvss Impact Score 10 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A Use of Hard-coded Credentials vulnerability exists in the NFX250 Series for the vSRX Virtual Network Function (VNF) instance, which allows an attacker to take control of the vSRX VNF instance if they have the ability to access an administrative service (e.g. SSH) on the VNF, either locally, or through the network. This issue only affects the NFX250 Series vSRX VNF. No other products or platforms are affected. This issue is only applicable to environments where the vSRX VNF root password has not been configured. This issue affects the Juniper Networks NFX250 Network Services Platform vSRX VNF instance on versions prior to 19.2R1.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1614

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-798 Use of Hard-coded Credentials (CWE/SANS Top 25)

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 6
Hardware 1
Os 773

Sources (Detail)

Source Url
MISC https://kb.juniper.net/JSA10997
https://www.juniper.net/documentation/en_US/release-independent/junos/topics/...

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
Date Informations
2020-07-30 00:22:55
  • Multiple Updates
2020-07-25 01:25:59
  • Multiple Updates
2020-07-23 12:26:05
  • Multiple Updates
2020-05-24 01:31:16
  • Multiple Updates
2020-05-23 02:35:56
  • First insertion