Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

CVE-2019-0069

Disclosure Date: October 09, 2019 •

CVE-2019-0069 CVSS v3 Base Score: 5.5

MITRE ATT&CK

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

On EX4600, QFX5100 Series, NFX Series, QFX10K Series, QFX5110, QFX5200 Series, QFX5110, QFX5200, QFX10K Series, vSRX, SRX1500, SRX4000 Series, vSRX, SRX1500, SRX4000, QFX5110, QFX5200, QFX10K Series, when the user uses console management port to authenticate, the credentials used during device authentication are written to a log file in clear text. This issue does not affect users that are logging-in using telnet, SSH or J-web to the management IP. This issue affects ACX, NFX, SRX, EX and QFX platforms with the Linux Host OS architecture, it does not affect other SRX and EX platforms that do not use the Linux Host OS architecture. This issue affects Juniper Networks Junos OS: 15.1X49 versions prior to 15.1X49-D110 on vSRX, SRX1500, SRX4000 Series; 15.1X53 versions prior to 15.1X53-D234 on QFX5110, QFX5200 Series; 15.1X53 versions prior to 15.1X53-D68 on QFX10K Series; 17.1 versions prior to 17.1R2-S8, 17.1R3, on QFX5110, QFX5200, QFX10K Series; 17.2 versions prior to 17.2R1-S7, 17.2R2-S6, 17.2R3 on QFX5110, QFX5200, QFX10K Series; 17.3 versions prior to 17.3R2 on vSRX, SRX1500, SRX4000, QFX5110, QFX5200, QFX10K Series; 14.1X53 versions prior to 14.1X53-D47 on ACX5000, EX4600, QFX5100 Series; 15.1 versions prior to 15.1R7 on ACX5000, EX4600, QFX5100 Series; 16.1R7 versions prior to 16.1R7 on ACX5000, EX4600, QFX5100 Series; 17.1 versions prior to 17.1R2-S10, 17.1R3 on ACX5000, EX4600, QFX5100 Series; 17.2 versions prior to 17.2R3 on ACX5000, EX4600, QFX5100 Series; 17.3 versions prior to 17.3R3 on ACX5000, EX4600, QFX5100 Series; 17.4 versions prior to 17.4R2 on ACX5000, EX4600, QFX5100 Series; 18.1 versions prior to 18.1R2 on ACX5000, EX4600, QFX5100 Series; 15.1X53 versions prior to 15.1X53-D496 on NFX Series, 17.2 versions prior to 17.2R3-S1 on NFX Series; 17.3 versions prior to 17.3R3-S4 on NFX Series; 17.4 versions prior to 17.4R2-S4, 17.4R3 on NFX Series, 18.1 versions prior to 18.1R3-S4 on NFX Series; 18.2 versions prior to 18.2R2-S3, 18.2R3 on NFX Series; 18.3 versions prior to 18.3R1-S3, 18.3R2 on NFX Series; 18.4 versions prior to 18.4R1-S1, 18.4R2 on NFX Series.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

5.5 Medium

Impact Score:

3.6

Exploitability Score:

1.8

Vector:

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Attack Vector (AV):

Local

Attack Complexity (AC):

Low

Privileges Required (PR):

Low

User Interaction (UI):

None

Scope (S):

Unchanged

Confidentiality (C):

High

Integrity (I):

None

Availability (A):

None

Vendors

juniper

Products

junos 14.1x53,
junos 15.1,
junos 15.1x49,
junos 15.1x53,
junos 16.1,
junos 17.1,
junos 17.2,
junos 17.3,
junos 17.4,
junos 18.1,
junos 18.2,
junos 18.3,
junos 18.4

References

Canonical

CVE-2019-0069 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0069)

Advisory

https://kb.juniper.net/JSA10969

Rapid7

Unknown

CVE-2019-0069

Unknown

Unknown

None

Low

Local

CVE-2019-0069

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

References

Canonical

Advisory

Additional Info

Technical Analysis

Unknown

CVE-2019-0069

Unknown

Unknown

None

Low

Local

CVE-2019-0069

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

References

Canonical

Advisory

Additional Info

Technical Analysis

Quick Cookie Notification