CVE-2018-0025
MEDIUMJuniper Junos Cleartext Transmission of Sensitive Information via HTTP/HTTPS Pass-Through Authentication
Title source: llmDescription
When an SRX Series device is configured to use HTTP/HTTPS pass-through authentication services, a client sending authentication credentials in the initial HTTP/HTTPS session is at risk that these credentials may be captured during follow-on HTTP/HTTPS requests by a malicious actor through a man-in-the-middle attack or by authentic servers subverted by malicious actors. FTP, and Telnet pass-through authentication services are not affected. Affected releases are Juniper Networks SRX Series: 12.1X46 versions prior to 12.1X46-D67 on SRX Series; 12.3X48 versions prior to 12.3X48-D25 on SRX Series; 15.1X49 versions prior to 15.1X49-D35 on SRX Series.
References (6)
Core 6
Core References
Vendor Advisory x_refsource_misc
https://www.juniper.net/documentation/en_US/junos/topics/concept/firewall-user-authentication-pass-through-understanding.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/104719
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1041316
Vendor Advisory x_refsource_misc
https://www.juniper.net/documentation/en_US/junos/topics/example/security-https-traffic-to-trigger-pass-through-authentication-configuring.html
Vendor Advisory x_refsource_misc
https://www.juniper.net/documentation/en_US/junos/topics/example/firewall-user-authentication-pass-through-configuring-cli.html
Mitigation, Vendor Advisory x_refsource_confirm
https://kb.juniper.net/JSA10858
Scores
CVSS v3
6.1
EPSS
0.0021
EPSS Percentile
43.3%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N
Details
CWE
CWE-319
CWE-300
Status
published
Products (3)
juniper/junos
12.1x46 (14 CPE variants)
juniper/junos
12.3x48 (4 CPE variants)
juniper/junos
15.1x49 (4 CPE variants)
Published
Jul 11, 2018
Tracked Since
Feb 18, 2026