Unrated severityNVD Advisory· Published Apr 10, 2019· Updated Sep 16, 2024

Junos Space Service Now and Service Insight: Organization username and password stored in plaintext in log files.

CVE-2019-0032

Description

A password management issue exists where the Organization authentication username and password were stored in plaintext in log files. A locally authenticated attacker who is able to access these stored plaintext credentials can use them to login to the Organization. Affected products are: Juniper Networks Service Insight versions from 15.1R1, prior to 18.1R1. Service Now versions from 15.1R1, prior to 18.1R1.

Affected products

Juniper Networks/Service Insightllm-create2 versions
>=15.1R1, <18.1R1+ 1 more
- (no CPE)range: >=15.1R1, <18.1R1
- (no CPE)range: 15.1R1
Juniper Networks/Service Nowllm-create2 versions
>=15.1R1, <18.1R1+ 1 more
- (no CPE)range: >=15.1R1, <18.1R1
- (no CPE)range: 15.1R1

Patches

Vulnerability mechanics

References

www.securityfocus.com/bid/107885mitrevdb-entryx_refsource_BID
kb.juniper.net/JSA10921mitrex_refsource_CONFIRM
kb.juniper.net/KB27572mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000