Multiple vulnerabilities in Juniper Junos OS
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 24 |
| CVE-ID | CVE-2019-0063 CVE-2019-0064 CVE-2019-0065 CVE-2019-0066 CVE-2019-0067 CVE-2019-0068 CVE-2019-0069 CVE-2019-0050 CVE-2019-0074 CVE-2019-0075 CVE-2019-0071 CVE-2019-0073 CVE-2019-0051 CVE-2019-0070 CVE-2019-0047 CVE-2019-0062 CVE-2019-0061 CVE-2019-0060 CVE-2019-0058 CVE-2019-0059 CVE-2019-0057 CVE-2019-0056 CVE-2019-0054 CVE-2019-0055 |
| CWE-ID | CWE-20 CWE-312 CWE-399 CWE-22 CWE-354 CWE-276 CWE-400 CWE-79 CWE-384 CWE-264 CWE-269 CWE-401 CWE-285 CWE-295 CWE-119 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Juniper Junos OS Operating systems & Components / Operating system EX3400 Hardware solutions / Routers & switches, VoIP, GSM, etc EX2300-C Hardware solutions / Routers & switches, VoIP, GSM, etc EX2300 Hardware solutions / Routers & switches, VoIP, GSM, etc MX960 Hardware solutions / Routers & switches, VoIP, GSM, etc MX2008 Hardware solutions / Routers & switches, VoIP, GSM, etc MX2010 Hardware solutions / Routers & switches, VoIP, GSM, etc MX2020 Hardware solutions / Routers & switches, VoIP, GSM, etc MX480 Hardware solutions / Firmware |
| Vendor | Juniper Networks, Inc. |
Security Bulletin
This security bulletin contains information about 24 vulnerabilities.
1) Input validation error
EUVDB-ID: #VU21759
Risk: Low
CVSSv3.1: 5.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-0063
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input when an MX Series Broadband Remote Access Server (BRAS) is configured as a Broadband Network Gateway (BNG) with DHCPv6 enabled. A remote attacker can send a specially crafted DHCP response message on a subscriber interface, crash jdhcpd and cause an extended denial of service condition on the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsJuniper Junos OS: 15.1R - 19.1R1-S1
External linkshttp://kb.juniper.net/JSA10962
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Input validation error
EUVDB-ID: #VU21758
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-0064
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input when processing TCP packets if "set security zones security-zone <zone> tcp-rst" is configured. A remote attacker can send a specially crafted TCP packet, crash the flowd process and cause a denial of service on the target system.
Note: This vulnerability affects only Junos OS on SRX 5000 Series.
MitigationInstall updates from vendor's website.
Vulnerable software versionsJuniper Junos OS: 18.2R3 - 19.2R1
External linkshttp://kb.juniper.net/JSA10963
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Input validation error
EUVDB-ID: #VU21757
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-0065
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input when processing SIP packets. A remote attacker can send a specially crafted SIP packet, crash the MS-PIC component on MS-MIC or MS-MPC and cause a sustained denial of service condition on the target sysem.
Note: This issue affects Junos OS on MX Series when the SIP ALG is enabled.
MitigationInstall updates from vendor's website.
Vulnerable software versionsJuniper Junos OS: 16.1R - 18.4R1-S4
External linkshttp://kb.juniper.net/JSA10964
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Input validation error
EUVDB-ID: #VU21756
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-0066
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause a denial of service (DoS) condition on the target system.
The vulnerability exists due to an unexpected status return value weakness in the Next-Generation Multicast VPN (NG-mVPN) service. A remote attacker can send a specially crafted IPv4 packet to the device running BGP and cause a denial of service condition and core the routing protocol daemon (rpd) process.
MitigationInstall update from vendor's website.
Vulnerable software versionsJuniper Junos OS: 15.1F - 17.3R2-S2
External linkshttp://kb.juniper.net/JSA10965
http://www.juniper.net/documentation/en_US/junos/topics/task/configuration/ng-mvpn-services-enabling.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Input validation error
EUVDB-ID: #VU21755
Risk: Low
CVSSv3.1: 5.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-0067
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input when receipt of a specific link-local IPv6 packet destined to the RE. A remote attacker on adjacent network can send a specially crafted IPv6 packet, repeatedly crash the system and restart (vmcore) and cause a prolonged denial of service condition on the target system.
Note: This issue affects Junos OS devices with Multi-Chassis Link Aggregation Group (MC-LAG) enabled.
Mitigation
Install updates from vendor's website.
Vulnerable software versionsJuniper Junos OS: 16.1R - 17.1R3-S1
External linkshttp://kb.juniper.net/JSA10966
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Input validation error
EUVDB-ID: #VU21754
Risk: Low
CVSSv3.1: 5.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-0068
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input when the SRX flowd process processing specific multicast packets. A remote attacker on adjacent network can send specific multicast packets and repeatedly crash the target application.
Note: This vulnerability affects Junos OS on SRX Series.
MitigationInstall updates from vendor's website.
Vulnerable software versionsJuniper Junos OS: 12.3X48-D10 - 19.1R1
External linkshttp://kb.juniper.net/JSA10968
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Cleartext storage of sensitive information
EUVDB-ID: #VU21725
Risk: Low
CVSSv3.1: 5.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-0069
CWE-ID:
CWE-312 - Cleartext Storage of Sensitive Information
Exploit availability: No
Description- 15.1X49 versions prior to 15.1X49-D110 on vSRX, SRX1500, SRX4000 Series
- 15.1X53 versions prior to 15.1X53-D234 on QFX5110, QFX5200 Series
- 15.1X53 versions prior to 15.1X53-D68 on QFX10K Series
- 17.1 versions prior to 17.1R2-S8, 17.1R3, on QFX5110, QFX5200, QFX10K Series
- 17.2 versions prior to 17.2R1-S7, 17.2R2-S6, 17.2R3 on QFX5110, QFX5200, QFX10K Series
- 17.3 versions prior to 17.3R2 on vSRX, SRX1500, SRX4000, QFX5110, QFX5200, QFX10K Series
- 14.1X53 versions prior to 14.1X53-D47 on ACX5000, EX4600, QFX5100 Series
- 15.1 versions prior to 15.1R7 on ACX5000, EX4600, QFX5100 Series
- 16.1R7 versions prior to 16.1R7 on ACX5000, EX4600, QFX5100 Series
- 17.1 versions prior to 17.1R2-S10, 17.1R3 on ACX5000, EX4600, QFX5100 Series
- 17.2 versions prior to 17.2R3 on ACX5000, EX4600, QFX5100 Series
- 17.3 versions prior to 17.3R3 on ACX5000, EX4600, QFX5100 Series
- 17.4 versions prior to 17.4R2 on ACX5000, EX4600, QFX5100 Series
- 18.1 versions prior to 18.1R2 on ACX5000, EX4600, QFX5100 Series
- 15.1X53 versions prior to 15.1X53-D496 on NFX Series
- 17.2 versions prior to 17.2R3-S1 on NFX Series
- 17.3 versions prior to 17.3R3-S4 on NFX Series
- 17.4 versions prior to 17.4R2-S4, 17.4R3 on NFX Series
- 18.1 versions prior to 18.1R3-S4 on NFX Series
- 18.2 versions prior to 18.2R2-S3, 18.2R3 on NFX Series
- 18.3 versions prior to 18.3R1-S3, 18.3R2 on NFX Series
- 18.4 versions prior to 18.4R1-S1, 18.4R2 on NFX Series
Install updates from vendor's website.
Vulnerable software versionsJuniper Junos OS: 14.1x53 - 18.4
External linkshttp://kb.juniper.net/JSA10969
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Resource management error
EUVDB-ID: #VU21724
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-0050
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to an error when "srxpfe" process can crash under certain heavy traffic conditions. A remote attacker can send a specially crafted request and cause a denial of service condition.
Note: This vulnerability affects only Junos OS on SRX1500 platforms.
MitigationInstall updates from vendor's website.
Vulnerable software versionsJuniper Junos OS: 15.1X49-D10 - 18.4R1-S4
External linkshttp://kb.juniper.net/JSA10972
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Path traversal
EUVDB-ID: #VU21723
Risk: Low
CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-0074
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform directory traversal attacks.
The vulnerability exists due to input validation error when processing directory traversal sequences. A local authenticated user can send a specially crafted HTTP request and read arbitrary files on the system.
Note: This vulnerability affects only Junos OS on NFX150 Series, QFX10K Series, EX9200 Series, MX Series and PTX Series with Next-Generation Routing Engine (NG-RE) and vmhost.
MitigationInstall updates from vendor's website.
Vulnerable software versionsJuniper Junos OS: 15.1F1 - 18.4R1
External linkshttp://kb.juniper.net/JSA10975
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Input validation error
EUVDB-ID: #VU21722
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-0075
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in the srxpfe process on Protocol Independent Multicast (PIM). A remote attacker can send a specially crafted (PIM) messages, crash the srxpfe process, reboot FPC and cause a denial of service condition.
Note: This vulnerability affects only Junos OS on SRX Series.
MitigationInstall updates from vendor's website.
Vulnerable software versionsJuniper Junos OS: 12.3x48 - 17.3R3-S6
External linkshttp://kb.juniper.net/JSA10976
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Improper validation of integrity check value
EUVDB-ID: #VU21718
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-0071
CWE-ID:
CWE-354 - Improper Validation of Integrity Check Value
Exploit availability: No
DescriptionThe vulnerability exists due to an error when the Veriexec subsystem will fail to initialize, in essence disabling file integrity checking. A local authenticated user with shell access can install untrusted executable images, elevate privileges and gain full control of the system.
Install updates from vendor's website.
Vulnerable software versionsEX3400: All versions
EX2300-C: All versions
EX2300: All versions
Juniper Junos OS: 18.1 - 18.3R1-S3
External linkshttp://kb.juniper.net/JSA10978
http://www.juniper.net/documentation/en_US/junos/topics/concept/veriexec.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to send a specially crafted request to the affected device in order to exploit this vulnerability.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Incorrect default permissions
EUVDB-ID: #VU21717
Risk: Low
CVSSv3.1: 5.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-0073
CWE-ID:
CWE-276 - Incorrect Default Permissions
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to the PKI keys exported using the command "run request security pki key-pair export" have insecure file permissions. A local user with access to the system can view contents of files and directories or modify them.
MitigationInstall updates from vendor's website.
Vulnerable software versionsJuniper Junos OS: 15.1X49-D10 - 18.4R1-S4
External linkshttp://kb.juniper.net/JSA10974
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Resource exhaustion
EUVDB-ID: #VU21704
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-0051
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to the SSL-Proxy feature on SRX devices fails to handle a hardware resource limitation. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
Note: This vulnerability affects only Junos OS on SRX5000 Series
MitigationInstall updates from vendor's website.
Vulnerable software versionsJuniper Junos OS: 12.3X48-D10 - 19.1R1-S2
External linkshttp://kb.juniper.net/InfoCenter/index?page=content&id=JSA10973&cat=SIRT_1&actp=LIST
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Input validation error
EUVDB-ID: #VU21703
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-0070
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
Description
The vulnerability allows a local user to execute arbitrary code on the target system.
The vulnerability exists due to insufficient validation of user-supplied input. A local authenticated user can elevate his permissions to take control of other portions of the NFX platform and execute arbitrary commands outside their authorized scope of control.
Note: This vulnerability affects only Junos OS on NFX Series.
MitigationInstall updates from vendor's website.
Vulnerable software versionsJuniper Junos OS: 18.2
External linkshttp://kb.juniper.net/InfoCenter/index?page=content&id=JSA10977&cat=SIRT_1&actp=LIST
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Stored Cross-site scripting
EUVDB-ID: #VU21701
Risk: Low
CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-0047
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data in J-Web interface. A remote attacker can inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall update from vendor's website.
Vulnerable software versionsJuniper Junos OS: 12.1X46-D10 - 18.4R1-S1
External linkshttp://kb.juniper.net/JSA10970
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Session Fixation
EUVDB-ID: #VU21700
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-0062
CWE-ID:
CWE-384 - Session Fixation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to steal authenticated sessions.
The vulnerability exists in the J-Web due to the the affected software does not invalidate the previous session and create a new one upon successful login. A remote attacker can use social engineering techniques to fix and hijack a J-Web administrators web session and gain administrative access to the device. MitigationInstall updates from vendor's website.
Vulnerable software versionsJuniper Junos OS: 12.3R10 - 19.1R1-S1
External linkshttp://kb.juniper.net/InfoCenter/index?page=content&id=JSA10961&cat=SIRT_1&actp=LIST
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU21699
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-0061
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to insecure management daemon (MGD) configuration. A local authenticated user can gain administrative privileges due to a misconfiguration of the internal socket.
MitigationInstall updates from vendor's website.
Vulnerable software versionsJuniper Junos OS: 15.1X49 - 18.4R1-S1
External linkshttp://kb.juniper.net/InfoCenter/index?page=content&id=JSA10960&cat=SIRT_1&actp=LIST
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
18) Input validation error
EUVDB-ID: #VU21698
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-0060
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in the flowd process when processing specific transit IP packets through an IPSec tunnel. A remote attacker can cause an extended Denial of Service (DoS) condition.
Note: This issue only occurs when IPSec tunnels are configured. Systems without IPSec tunnel configurations are not vulnerable to this issue.
MitigationInstall updates from vendor's website.
Vulnerable software versionsJuniper Junos OS: 15.1X49 - 18.4R1-S4
External linkshttp://kb.juniper.net/InfoCenter/index?page=content&id=JSA10959&cat=SIRT_1&actp=LIST
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
19) Improper Privilege Management
EUVDB-ID: #VU21697
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-0058
CWE-ID:
CWE-269 - Improper Privilege Management
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privilege on the target system.
The vulnerability exists due to missing access controls in the Veriexec subsystem. A local user can elevate privileges to gain full control of the target system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsJuniper Junos OS: 12.3x48 - 12.3X48-D77
External linkshttp://kb.juniper.net/InfoCenter/index?page=content&id=JSA10956&cat=SIRT_1&actp=LIST
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
20) Memory leak
EUVDB-ID: #VU21696
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-0059
CWE-ID:
CWE-401 - Missing release of memory after effective lifetime
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause a denial of service (DoS) condition.
The vulnerability exists due to memory leak in the routing protocol process (rpd). A remote attacker can send specific commands from a peered BGP host, have those BGP states delivered to the vulnerable device and perform a denial of service attack.
MitigationInstall updates from vendor's website.
Vulnerable software versionsJuniper Junos OS: 18.1 - 18.1x75
External linkshttp://kb.juniper.net/InfoCenter/index?page=content&id=JSA10957&cat=SIRT_1&actp=LIST
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
21) Improper Authorization
EUVDB-ID: #VU21695
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-0057
CWE-ID:
CWE-285 - Improper Authorization
Exploit availability: No
DescriptionThe vulnerability allows a local user to bypass authorization checks.
The vulnerability exists due to missing authorization checks. A local user can bypass regular security controls to access the Junos Device Manager (JDM) application and take control of the system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsJuniper Junos OS: 18.2 - 18.2R3-S8
External linkshttp://kb.juniper.net/InfoCenter/index?page=content&id=JSA10955&cat=SIRT_1&actp=LIST
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
22) Insufficient Resource Pool
EUVDB-ID: #VU21694
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-0056
CWE-ID: N/A
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause a denial of service (DoS) condition.
The vulnerability exists due to the device's resource pool is not large enough to handle peak demand. A remote attacker can cause the device's Open Shortest Path First (OSPF) states to transition to Down and perform a denial of service attack.
Note: This issue only affects devices with three (3) or more MPC10's installed in a single chassis with OSPF enabled and configured on the device.
MitigationInstall updates from vendor's website.
Vulnerable software versionsJuniper Junos OS: 18.1 - 18.4R1-S1
MX480: All versions
MX960: All versions
MX2008: All versions
MX2010: All versions
MX2020: All versions
External linkshttp://kb.juniper.net/InfoCenter/index?page=content&id=JSA10954&cat=SIRT_1&actp=LIST
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
23) Improper Certificate Validation
EUVDB-ID: #VU21693
Risk: Medium
CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-0054
CWE-ID:
CWE-295 - Improper Certificate Validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a man-in-the-middle (MiTM) attack.
The vulnerability exists due to an improper certificate validation weakness in the SRX Series Application Identification (app-id) signature update client. A remote attacker can perform MitM attack during app-id signature updates.
MitigationInstall updates from vendor's website.
Vulnerable software versionsJuniper Junos OS: 15.1X49 - 15.1X49-D110
External linkshttp://kb.juniper.net/InfoCenter/index?page=content&id=JSA10952&cat=SIRT_1&actp=LIST
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
24) Buffer overflow
EUVDB-ID: #VU21692
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2019-0055
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
Description
The vulnerability allows a remote attacker to cause a denial of service (DoS) condition.
The vulnerability exists due to a boundary error in the SIP ALG packet processing service. A remote attacker can send a specific types of valid SIP traffic to the device, cause flowd process to crash, trigger memory corruption and cause a denial of service condition.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsJuniper Junos OS: 12.3x48 - 17.4R1-S8
External linkshttp://kb.juniper.net/InfoCenter/index?page=content&id=JSA10953&cat=SIRT_1&actp=LIST
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
