#VU21725 Cleartext storage of sensitive information in Juniper Junos OS - CVE-2019-0069


Vulnerability identifier: #VU21725

Vulnerability risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2019-0069

CWE-ID: CWE-312

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Juniper Junos OS
Operating systems & Components / Operating system

Vendor: Juniper Networks, Inc.

Description

The vulnerability allows a local user to view the password on the target system.

The vulnerability exists because the affected software stores credentials used during device authentication unencrypted in its log file. A local authenticated user can obtain the credentials.

Note: This vulnerability affects only the following versions of Junos OS:

  • 15.1X49 versions prior to 15.1X49-D110 on vSRX, SRX1500, SRX4000 Series
  • 15.1X53 versions prior to 15.1X53-D234 on QFX5110, QFX5200 Series
  • 15.1X53 versions prior to 15.1X53-D68 on QFX10K Series
  • 17.1 versions prior to 17.1R2-S8, 17.1R3 on QFX5110, QFX5200, QFX10K Series
  • 17.2 versions prior to 17.2R1-S7, 17.2R2-S6, 17.2R3 on QFX5110, QFX5200, QFX10K Series
  • 17.3 versions prior to 17.3R2 on vSRX, SRX1500, SRX4000, QFX5110, QFX5200, QFX10K Series
  • 14.1X53 versions prior to 14.1X53-D47 on ACX5000, EX4600, QFX5100 Series
  • 15.1 versions prior to 15.1R7 on ACX5000, EX4600, QFX5100 Series
  • 16.1R7 versions prior to 16.1R7 on ACX5000, EX4600, QFX5100 Series
  • 17.1 versions prior to 17.1R2-S10, 17.1R3 on ACX5000, EX4600, QFX5100 Series
  • 17.2 versions prior to 17.2R3 on ACX5000, EX4600, QFX5100 Series
  • 17.3 versions prior to 17.3R3 on ACX5000, EX4600, QFX5100 Series
  • 17.4 versions prior to 17.4R2 on ACX5000, EX4600, QFX5100 Series
  • 18.1 versions prior to 18.1R2 on ACX5000, EX4600, QFX5100 Series
  • 15.1X53 versions prior to 15.1X53-D496 on NFX Series
  • 17.2 versions prior to 17.2R3-S1 on NFX Series
  • 17.3 versions prior to 17.3R3-S4 on NFX Series
  • 17.4 versions prior to 17.4R2-S4, 17.4R3 on NFX Series
  • 18.1 versions prior to 18.1R3-S4 on NFX Series
  • 18.2 versions prior to 18.2R2-S3, 18.2R3 on NFX Series
  • 18.3 versions prior to 18.3R1-S3, 18.3R2 on NFX Series
  • 18.4 versions prior to 18.4R1-S1, 18.4R2 on NFX Series

Mitigation
Install updates from the vendor's website.

Vulnerable software versions

Juniper Junos OS: 14.1x53, 15.1X49 - 15.1, 16.1R7, 17.1, 17.2, 17.3, 17.4, 18.1, 18.2, 18.3, 18.4


External links
https://kb.juniper.net/JSA10969


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

