CVE-2020-1615
Description
The factory configuration for vMX installations, as shipped, includes default credentials for the root account. Without proper modification of these default credentials by the administrator, an attacker could exploit these credentials and access the vMX instance without authorization. This issue affects Juniper Networks Junos OS: 17.1 versions prior to 17.1R2-S11, 17.1R3-S2 on vMX; 17.2 versions prior to 17.2R3-S3 on vMX; 17.3 versions prior to 17.3R2-S5, 17.3R3-S7 on vMX; 17.4 versions prior to 17.4R2-S9, 17.4R3 on vMX; 18.1 versions prior to 18.1R3-S9 on vMX; 18.2 versions prior to 18.2R2-S7, 18.2R3-S3 on vMX; 18.2X75 versions prior to 18.2X75-D420, 18.2X75-D60 on vMX; 18.3 versions prior to 18.3R1-S7, 18.3R2-S3, 18.3R3-S1 on vMX; 18.4 versions prior to 18.4R1-S5, 18.4R2-S3, 18.4R3 on vMX; 19.1 versions prior to 19.1R1-S4, 19.1R2, 19.1R3 on vMX; 19.2 versions prior to 19.2R1-S3, 19.2R2 on vMX; 19.3 versions prior to 19.3R1-S1, 19.3R2 on vMX.
Risk Information
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| perl-App-cpanminus Security Update (ALAS-2025-2802) perl-App-cpanminus-1.6922-2.amzn2.0.2.noarch.rpm | Linux |
| Vulnerabilities CVE-2020-1615,CVE-2020-1628,CVE-2020-1632,CVE-2020-1656 are fixed in junos 17.1R3-S2 | NCM |
| Multiple Vulnerabilities are fixed in junos 17.2R3-S3 | NCM |
| Multiple Vulnerabilities are fixed in junos 17.3R3-S7 | NCM |
| Multiple Vulnerabilities are fixed in junos 17.4R3 | NCM |
| Multiple Vulnerabilities are fixed in junos 18.1R3-S9 | NCM |
| Multiple Vulnerabilities are fixed in junos 18.2R3-S3 | NCM |
| Multiple Vulnerabilities are fixed in junos 18.3R3-S1 | NCM |
| Multiple Vulnerabilities are fixed in junos 18.4R3 | NCM |
| Multiple Vulnerabilities are fixed in junos 19.1R3 | NCM |
| Multiple Vulnerabilities are fixed in junos 19.2R2 | NCM |
| Multiple Vulnerabilities are fixed in junos 19.3r2 | NCM |
| Use of Hard-coded Credentials Vulnerability (CVE-2020-1615) | NCM |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
| PATCH-1704488 | Security Update for junos 9.2r1 |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234