CVE-2019-0061

🗓️ 09 Oct 2019 19:26:17Reported by juniperType

The management daemon (MGD) in Junos OS allows local, authenticated user to gain admin privileges via misconfigured internal socket. Linux-based platforms affected

Reporter	Title	Published	Views	Family All 7
CNVD	Juniper Networks Junos OS License Issue Vulnerability	14 Nov 201900:00	–	cnvd
Cvelist	CVE-2019-0061 Junos OS: Insecure management daemon (MGD) configuration may allow local privilege escalation	9 Oct 201919:26	–	cvelist
EUVD	EUVD-2019-0868	7 Oct 202500:30	–	euvd
Tenable Nessus	Juniper JSA10960	13 Dec 201900:00	–	nessus
NVD	CVE-2019-0061	9 Oct 201920:15	–	nvd
Prion	Design/Logic Flaw	9 Oct 201920:15	–	prion
Symantec	Juniper Junos CVE-2019-0061 Local Privilege Escalation Vulnerability	9 Oct 201900:00	–	symantec

NVD

Vulners

Node

juniper junosMatch15.1x49-

juniper junosMatch15.1x49d10

juniper junosMatch15.1x49d100

juniper junosMatch15.1x49d110

juniper junosMatch15.1x49d120

juniper junosMatch15.1x49d130

juniper junosMatch15.1x49d140

juniper junosMatch15.1x49d150

juniper junosMatch15.1x49d160

juniper junosMatch15.1x49d20

juniper junosMatch15.1x49d30

juniper junosMatch15.1x49d35

juniper junosMatch15.1x49d40

juniper junosMatch15.1x49d45

juniper junosMatch15.1x49d50

juniper junosMatch15.1x49d55

juniper junosMatch15.1x49d60

juniper junosMatch15.1x49d65

juniper junosMatch15.1x49d70

juniper junosMatch15.1x49d75

juniper junosMatch15.1x49d80

juniper junosMatch15.1x49d90

Node

juniper junosMatch15.1x53-

juniper junosMatch15.1x53d20

juniper junosMatch15.1x53d21

juniper junosMatch15.1x53d210

juniper junosMatch15.1x53d25

juniper junosMatch15.1x53d30

juniper junosMatch15.1x53d31

juniper junosMatch15.1x53d32

juniper junosMatch15.1x53d33

juniper junosMatch15.1x53d34

juniper junosMatch15.1x53d40

juniper junosMatch15.1x53d45

juniper junosMatch15.1x53d470

juniper junosMatch15.1x53d495

juniper junosMatch15.1x53d56

juniper junosMatch15.1x53d60

juniper junosMatch15.1x53d61

juniper junosMatch15.1x53d62

juniper junosMatch15.1x53d63

juniper junosMatch15.1x53d65

juniper junosMatch15.1x53d70

Node

juniper junosMatch16.1-

juniper junosMatch16.1r1

juniper junosMatch16.1r2

juniper junosMatch16.1r3

juniper junosMatch16.1r3-s10

juniper junosMatch16.1r3-s11

juniper junosMatch16.1r4

juniper junosMatch16.1r5

juniper junosMatch16.1r5-s4

juniper junosMatch16.1r6

juniper junosMatch16.1r6-s1

juniper junosMatch16.1r6-s6

juniper junosMatch16.1r7

Node

juniper junosMatch16.2-

juniper junosMatch16.2r1

juniper junosMatch16.2r2

juniper junosMatch16.2r2-s1

juniper junosMatch16.2r2-s2

juniper junosMatch16.2r2-s5

juniper junosMatch16.2r2-s6

juniper junosMatch16.2r2-s7

juniper junosMatch16.2r2-s8

Node

juniper junosMatch17.1-

juniper junosMatch17.1r1

juniper junosMatch17.1r2-s1

juniper junosMatch17.1r2-s10

juniper junosMatch17.1r2-s2

juniper junosMatch17.1r2-s3

juniper junosMatch17.1r2-s4

juniper junosMatch17.1r2-s5

juniper junosMatch17.1r2-s6

juniper junosMatch17.1r2-s7

Node

juniper junosMatch17.2-

juniper junosMatch17.2r1-s2

juniper junosMatch17.2r1-s4

juniper junosMatch17.2r1-s7

juniper junosMatch17.2r2

juniper junosMatch17.2r2-s6

Node

juniper junosMatch17.3-

juniper junosMatch17.3r2

juniper junosMatch17.3r2-s1

juniper junosMatch17.3r2-s2

juniper junosMatch17.3r3-s1

juniper junosMatch17.3r3-s2

juniper junosMatch17.3r3-s3

Node

juniper junosMatch17.4-

juniper junosMatch17.4r1

juniper junosMatch17.4r1-s1

juniper junosMatch17.4r1-s2

juniper junosMatch17.4r1-s4

juniper junosMatch17.4r2

juniper junosMatch17.4r2-s1

juniper junosMatch17.4r2-s4

Node

juniper junosMatch18.1-

juniper junosMatch18.1r2

juniper junosMatch18.1r2-s1

juniper junosMatch18.1r2-s2

juniper junosMatch18.1r3

juniper junosMatch18.1r3-s2

juniper junosMatch18.1r3-s3

Node

juniper junosMatch18.2-

juniper junosMatch18.2r2-s1

juniper junosMatch18.2r2-s3

juniper junosMatch18.2r2-s4

Node

juniper junosMatch18.3-

juniper junosMatch18.3r1

juniper junosMatch18.3r1-s1

juniper junosMatch18.3r1-s3

[
  {
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "15.1X49-D171, 15.1X49-D180",
        "status": "affected",
        "version": "15.1X49",
        "versionType": "custom"
      },
      {
        "lessThan": "15.1X53-D496, 15.1X53-D69",
        "status": "affected",
        "version": "15.1X53",
        "versionType": "custom"
      },
      {
        "lessThan": "16.1R7-S4",
        "status": "affected",
        "version": "16.1",
        "versionType": "custom"
      },
      {
        "lessThan": "16.2R2-S9",
        "status": "affected",
        "version": "16.2",
        "versionType": "custom"
      },
      {
        "lessThan": "17.1R3",
        "status": "affected",
        "version": "17.1",
        "versionType": "custom"
      },
      {
        "lessThan": "17.2R1-S8, 17.2R2-S7, 17.2R3-S1",
        "status": "affected",
        "version": "17.2",
        "versionType": "custom"
      },
      {
        "lessThan": "17.3R3-S4",
        "status": "affected",
        "version": "17.3",
        "versionType": "custom"
      },
      {
        "lessThan": "17.4R1-S6, 17.4R1-S7, 17.4R2-S3, 17.4R3",
        "status": "affected",
        "version": "17.4",
        "versionType": "custom"
      },
      {
        "lessThan": "18.1R2-S4, 18.1R3-S4",
        "status": "affected",
        "version": "18.1",
        "versionType": "custom"
      },
      {
        "lessThan": "18.2R1-S5, 18.2R2-S2, 18.2R3",
        "status": "affected",
        "version": "18.2",
        "versionType": "custom"
      },
      {
        "lessThan": "18.3R1-S3, 18.3R2",
        "status": "affected",
        "version": "18.3",
        "versionType": "custom"
      },
      {
        "lessThan": "18.4R1-S2, 18.4R2",
        "status": "affected",
        "version": "18.4",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
kb	www.kb.juniper.net/JSA10960

21 Nov 2024 04:16Current

7.6High risk

Vulners AI Score7.6

CVSS 27.2

CVSS 3.17.8

EPSS0.00039

CWE-657

junos os vulnerability mgd admin privileges linux-based juniper networks