[{"vendor":"juniper","product":"cloud_native_router","defaultStatus":"unknown","cpes":["cpe:2.3:h:juniper:cloud_native_router:*:*:*:*:*:*:*:*"],"versions":[{"version":"0","lessThan":"23.4","versionType":"semver","status":"affected"}]},{"vendor":"juniper","product":"crpd","defaultStatus":"unknown","cpes":["cpe:2.3:a:juniper:crpd:*:*:*:*:*:*:*:*"],"versions":[{"version":"0","lessThan":"23.4r1","versionType":"semver","status":"affected"}]}]

{"timestamp":"2024-05-22T17:16:37.125801Z","id":"CVE-2024-30407","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}

[{"vendor":"Juniper Networks, Inc.","product":"cRPD","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"23.4R1","versionType":"semver","status":"affected"}]},{"vendor":"Juniper Networks, Inc.","product":"Juniper Cloud Native Router (JCNR)","defaultStatus":"unaffected","versions":[{"version":"0","lessThan":"23.4","versionType":"semver","status":"affected"}]}]

https://supportportal.juniper.net/JSA79106

https://supportportal.juniper.net/JSA79107

https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

The Use of a Hard-coded Cryptographic Key vulnerability in Juniper Networks Juniper Cloud Native Router (JCNR) and containerized routing Protocol Deamon (cRPD) products allows an attacker to perform Person-in-the-Middle (PitM) attacks which results in complete compromise of the container. 

Due to hardcoded SSH host keys being present on the container, a PitM attacker can intercept SSH traffic without being detected. 

This issue affects Juniper Networks JCNR:
  *  All versions before 23.4.


This issue affects Juniper Networks cRPD:
  *  All versions before 23.4R1.

The Use of a Hard-coded Cryptographic Key vulnerability in Juniper Networks Juniper Cloud Native Router (JCNR) and containerized routing Protocol Deamon (cRPD) products allows an attacker to perform Person-in-the-Middle (PitM) attacks which results in complete compromise of the container. 

Due to hardcoded SSH host keys being present on the container, a PitM attacker can intercept SSH traffic without being detected. 

This issue affects Juniper Networks JCNR:
  *  All versions before 23.4.


This issue affects Juniper Networks cRPD:
  *  All versions before 23.4R1.

Juniper Networks, Inc. CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

The Use of a Hard-coded Cryptographic Key vulnerability in Juniper Networks Juniper Cloud Native Router (JCNR) and containerized routing Protocol Deamon (cRPD) products allows an attacker to perform Person-in-the-Middle (PitM) attacks which results in complete compromise of the container. 

Due to hardcoded SSH host keys being present on the container, a PitM attacker can intercept SSH traffic without being detected. 

This issue affects Juniper Networks JCNR:
  *  All versions before 23.4.


This issue affects Juniper Networks cRPD:
  *  All versions before 23.4R1.

Juniper Networks, Inc. AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Juniper Networks, Inc. CWE-321

Juniper Networks, Inc. https://supportportal.juniper.net/JSA79106 [No types assigned]

Juniper Networks, Inc. https://supportportal.juniper.net/JSA79107 [No types assigned]

Juniper Networks, Inc. https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N [No types assigned]