VYPR
Unrated severityNVD Advisory· Published Oct 9, 2019· Updated Sep 16, 2024

Junos OS: PKI key pairs are exported with insecure file permissions

CVE-2019-0073

Description

The PKI keys exported using the command "run request security pki key-pair export" on Junos OS may have insecure file permissions. This may allow another user on the Junos OS device with shell access to read them. This issue affects: Juniper Networks Junos OS 15.1X49 versions prior to 15.1X49-D180; 17.3 versions prior to 17.3R3-S7; 17.4 versions prior to 17.4R2-S8, 17.4R3; 18.1 versions prior to 18.1R3-S8; 18.2 versions prior to 18.2R3; 18.3 versions prior to 18.3R2; 18.4 versions prior to 18.4R2.

Affected products

2
  • Juniper Networks/Junosllm-fuzzy2 versions
    >=15.1X49, <15.1X49-D180; >=17.3, <17.3R3-S7; >=17.4, <17.4R2-S8, <17.4R3; >=18.1, <18.1R3-S8; >=18.2, <18.2R3; >=18.3, <18.3R2; >=18.4, <18.4R2+ 1 more
    • (no CPE)range: >=15.1X49, <15.1X49-D180; >=17.3, <17.3R3-S7; >=17.4, <17.4R2-S8, <17.4R3; >=18.1, <18.1R3-S8; >=18.2, <18.2R3; >=18.3, <18.3R2; >=18.4, <18.4R2
    • (no CPE)range: 15.1X49

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.