Juniper Junos 12.1X44 prior to 12.1X44-D45, 12.1X46 prior to 12.1X46-D30, 12.1X47 prior to 12.1X47-D15, and 12.3X48 prior to 12.3X48-D10 on SRX series devices does not properly enforce the log-out-on-disconnect feature when configured in the [system port console] stanza, which allows physically proximate malicious users to reconnect to the console port and gain administrative access by leveraging access to the device.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
juniper junos 12.1x46 |
||
juniper junos 12.1x44 |
||
juniper junos 12.1x48 |
||
juniper junos 12.1x47 |
||
juniper junos 12.1x45 |