Main Vulnerability Database SB2019041036

SB2019041036 - Cleartext storage of sensitive Information in Junos Space Service Insight

Published: April 10, 2019 Updated: May 20, 2019

Security Bulletin ID SB2019041036

Severity

High

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Cleartext storage of sensitive Information (CVE-ID: CVE-2019-0032)

The vulnerability allows a local user to gain access to the unencrypted data storage.

The vulnerability exists due to store username and password in plaintext in log files. A locally authenticated attacker can gain access to the Organization and read, modify or delete sensitive data.

Remediation

Install update from vendor's website.

References

http://www.securityfocus.com/bid/107885
https://kb.juniper.net/JSA10921
https://kb.juniper.net/KB27572