Unrated severityNVD Advisory· Published Oct 9, 2019· Updated Sep 16, 2024
Junos OS: PKI key pairs are exported with insecure file permissions
CVE-2019-0073
Description
The PKI keys exported using the command "run request security pki key-pair export" on Junos OS may have insecure file permissions. This may allow another user on the Junos OS device with shell access to read them. This issue affects: Juniper Networks Junos OS 15.1X49 versions prior to 15.1X49-D180; 17.3 versions prior to 17.3R3-S7; 17.4 versions prior to 17.4R2-S8, 17.4R3; 18.1 versions prior to 18.1R3-S8; 18.2 versions prior to 18.2R3; 18.3 versions prior to 18.3R2; 18.4 versions prior to 18.4R2.
Affected products
2>=15.1X49, <15.1X49-D180; >=17.3, <17.3R3-S7; >=17.4, <17.4R2-S8, <17.4R3; >=18.1, <18.1R3-S8; >=18.2, <18.2R3; >=18.3, <18.3R2; >=18.4, <18.4R2+ 1 more
- (no CPE)range: >=15.1X49, <15.1X49-D180; >=17.3, <17.3R3-S7; >=17.4, <17.4R2-S8, <17.4R3; >=18.1, <18.1R3-S8; >=18.2, <18.2R3; >=18.3, <18.3R2; >=18.4, <18.4R2
- (no CPE)range: 15.1X49
Patches
Vulnerability mechanics
References
1- kb.juniper.net/JSA10974mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.