Skip to main content

Juniper slips out update after hardcoded credentials left in switches

posted onApril 11, 2019
by l33tdawg
The Register
Credit: The Register

Juniper Networks has issued an update after finding hardcoded credentials had been left in some of its datacenter switches.

The exposed login, designated CVE-2019-0034, was found in the Junos Network Agent, a software tool used to manage sensors and other devices that monitor network performance. Specifically, hardcoded credentials were found in Google gRPC, a component used with the Junos Telemetry Interface.

"Configuration files used by gRPC were found to contain hardcoded credentials that could be used by the Junos Network Agent to perform unauthorized read of certain non-critical information (e.g. sensor data)," Juniper said in announcing the alert.

Source

Tags

Security

You May Also Like

Recent News

Friday, November 29th

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th