Juniper Networks has released an update after discovering hardcoded credentials had been left in some of its datacenter switches.
Designated CVE-2019-0034, the exposed login was found in the Junos Network Agent, a software tool used to manage sensors and other devices that monitor network performance. Specifically, hardcoded credentials were found in Google gRPC, a component used with the Junos Telemetry Interface.
Juniper said in the alert that configuration files used by gRPC were found to contain hardcoded credentials that could be used by the Junos Network Agent to perform unauthorized reads of certain non-critical information.
“Moreover, APIs exposed via the Juniper Extension Toolkit (JET) may be able to accomplish non-critical ‘set’ operations on the device.”
While the vulnerable components can be part of Junos, only switches running the Telemetry Interface with Junos Network Agent actually have the hardcoded login details exposed, so any box that is not running the Network Agent would be safe from this bug.
Juniper says admins can check if they are running a susceptible version of Network Agent by entering the following command:
If the switch is found to be open to attack, Juniper is recommending admins update their firmware to the latest version of Junos.