Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveJuniperCVE-2019-0069
HistoryOct 09, 2019 - 8:15 p.m.

CVE-2019-0069

2019-10-0920:15:17
CWE-319
juniper
web.nvd.nist.gov
35
cve-2019-0069
information security
credential logging
juniper networks
junos os

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

5.9

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N

AI Score

5.5

Confidence

High

EPSS

0

Percentile

12.6%

JSON

On EX4600, QFX5100 Series, NFX Series, QFX10K Series, QFX5110, QFX5200 Series, QFX5110, QFX5200, QFX10K Series, vSRX, SRX1500, SRX4000 Series, vSRX, SRX1500, SRX4000, QFX5110, QFX5200, QFX10K Series, when the user uses console management port to authenticate, the credentials used during device authentication are written to a log file in clear text. This issue does not affect users that are logging-in using telnet, SSH or J-web to the management IP. This issue affects ACX, NFX, SRX, EX and QFX platforms with the Linux Host OS architecture, it does not affect other SRX and EX platforms that do not use the Linux Host OS architecture. This issue affects Juniper Networks Junos OS: 15.1X49 versions prior to 15.1X49-D110 on vSRX, SRX1500, SRX4000 Series; 15.1X53 versions prior to 15.1X53-D234 on QFX5110, QFX5200 Series; 15.1X53 versions prior to 15.1X53-D68 on QFX10K Series; 17.1 versions prior to 17.1R2-S8, 17.1R3, on QFX5110, QFX5200, QFX10K Series; 17.2 versions prior to 17.2R1-S7, 17.2R2-S6, 17.2R3 on QFX5110, QFX5200, QFX10K Series; 17.3 versions prior to 17.3R2 on vSRX, SRX1500, SRX4000, QFX5110, QFX5200, QFX10K Series; 14.1X53 versions prior to 14.1X53-D47 on ACX5000, EX4600, QFX5100 Series; 15.1 versions prior to 15.1R7 on ACX5000, EX4600, QFX5100 Series; 16.1R7 versions prior to 16.1R7 on ACX5000, EX4600, QFX5100 Series; 17.1 versions prior to 17.1R2-S10, 17.1R3 on ACX5000, EX4600, QFX5100 Series; 17.2 versions prior to 17.2R3 on ACX5000, EX4600, QFX5100 Series; 17.3 versions prior to 17.3R3 on ACX5000, EX4600, QFX5100 Series; 17.4 versions prior to 17.4R2 on ACX5000, EX4600, QFX5100 Series; 18.1 versions prior to 18.1R2 on ACX5000, EX4600, QFX5100 Series; 15.1X53 versions prior to 15.1X53-D496 on NFX Series, 17.2 versions prior to 17.2R3-S1 on NFX Series; 17.3 versions prior to 17.3R3-S4 on NFX Series; 17.4 versions prior to 17.4R2-S4, 17.4R3 on NFX Series, 18.1 versions prior to 18.1R3-S4 on NFX Series; 18.2 versions prior to 18.2R2-S3, 18.2R3 on NFX Series; 18.3 versions prior to 18.3R1-S3, 18.3R2 on NFX Series; 18.4 versions prior to 18.4R1-S1, 18.4R2 on NFX Series.

Affected configurations

Nvd
Node
juniperjunosMatch15.1x49d10
OR
juniperjunosMatch15.1x49d100
OR
juniperjunosMatch15.1x49d20
OR
juniperjunosMatch15.1x49d30
OR
juniperjunosMatch15.1x49d35
OR
juniperjunosMatch15.1x49d40
OR
juniperjunosMatch15.1x49d45
OR
juniperjunosMatch15.1x49d50
OR
juniperjunosMatch15.1x49d55
OR
juniperjunosMatch15.1x49d60
OR
juniperjunosMatch15.1x49d65
OR
juniperjunosMatch15.1x49d70
OR
juniperjunosMatch15.1x49d75
OR
juniperjunosMatch15.1x49d80
OR
juniperjunosMatch15.1x49d90
AND
junipersrx1500Match-
OR
junipersrx4000Match-
OR
junipervsrxMatch-
Node
juniperjunosMatch15.1x53d210
OR
juniperjunosMatch15.1x53d230
OR
juniperjunosMatch15.1x53d231
OR
juniperjunosMatch15.1x53d232
OR
juniperjunosMatch15.1x53d233
OR
juniperjunosMatch15.1x53d30
AND
juniperqfx5110Match-
OR
juniperqfx5200Match-
Node
juniperjunosMatch15.1x53d30
OR
juniperjunosMatch15.1x53d33
OR
juniperjunosMatch15.1x53d34
OR
juniperjunosMatch15.1x53d60
OR
juniperjunosMatch15.1x53d61
OR
juniperjunosMatch15.1x53d62
OR
juniperjunosMatch15.1x53d63
OR
juniperjunosMatch15.1x53d64
OR
juniperjunosMatch15.1x53d65
OR
juniperjunosMatch15.1x53d66
OR
juniperjunosMatch15.1x53d67
AND
juniperqfx10008Match-
OR
juniperqfx10016Match-
Node
juniperjunosMatch17.1-
OR
juniperjunosMatch17.1r1
OR
juniperjunosMatch17.1r2-s1
OR
juniperjunosMatch17.1r2-s2
OR
juniperjunosMatch17.1r2-s3
OR
juniperjunosMatch17.1r2-s4
OR
juniperjunosMatch17.1r2-s5
OR
juniperjunosMatch17.1r2-s6
OR
juniperjunosMatch17.1r2-s7
AND
juniperqfx10008Match-
OR
juniperqfx10016Match-
OR
juniperqfx5110Match-
OR
juniperqfx5200Match-
Node
juniperjunosMatch17.2-
OR
juniperjunosMatch17.2r1
OR
juniperjunosMatch17.2r1-s2
OR
juniperjunosMatch17.2r1-s4
OR
juniperjunosMatch17.2r2
AND
juniperqfx10008Match-
OR
juniperqfx10016Match-
OR
juniperqfx5110Match-
OR
juniperqfx5200Match-
Node
juniperjunosMatch17.3-
OR
juniperjunosMatch17.3r1
AND
juniperqfx10008Match-
OR
juniperqfx10016Match-
OR
juniperqfx5110Match-
OR
juniperqfx5200Match-
OR
junipersrx1500Match-
OR
junipersrx4000Match-
OR
junipervsrxMatch-
Node
juniperjunosMatch14.1x53-
OR
juniperjunosMatch14.1x53d10
OR
juniperjunosMatch14.1x53d15
OR
juniperjunosMatch14.1x53d16
OR
juniperjunosMatch14.1x53d25
OR
juniperjunosMatch14.1x53d26
OR
juniperjunosMatch14.1x53d27
OR
juniperjunosMatch14.1x53d30
OR
juniperjunosMatch14.1x53d35
OR
juniperjunosMatch14.1x53d40
OR
juniperjunosMatch14.1x53d45
AND
juniperacx5000Match-
OR
juniperex4600Match-
OR
juniperqfx5110Match-
Node
juniperjunosMatch15.1a1
OR
juniperjunosMatch15.1f1
OR
juniperjunosMatch15.1f2
OR
juniperjunosMatch15.1f2-s1
OR
juniperjunosMatch15.1f2-s2
OR
juniperjunosMatch15.1f2-s3
OR
juniperjunosMatch15.1f2-s4
OR
juniperjunosMatch15.1f3
OR
juniperjunosMatch15.1f4
OR
juniperjunosMatch15.1f5
OR
juniperjunosMatch15.1f6
OR
juniperjunosMatch15.1f6-s3
OR
juniperjunosMatch15.1f7
OR
juniperjunosMatch15.1r1
OR
juniperjunosMatch15.1r2
OR
juniperjunosMatch15.1r3
OR
juniperjunosMatch15.1r4
OR
juniperjunosMatch15.1r4-s9
OR
juniperjunosMatch15.1r5
OR
juniperjunosMatch15.1r6
OR
juniperjunosMatch15.1r6-s6
AND
juniperacx5000Match-
OR
juniperex4600Match-
OR
juniperqfx5110Match-
Node
juniperjunosMatch16.1-
OR
juniperjunosMatch16.1r1
OR
juniperjunosMatch16.1r2
OR
juniperjunosMatch16.1r3
OR
juniperjunosMatch16.1r3-s10
OR
juniperjunosMatch16.1r4
OR
juniperjunosMatch16.1r5-s4
OR
juniperjunosMatch16.1r6-s1
AND
juniperacx5000Match-
OR
juniperex4600Match-
OR
juniperqfx5110Match-
Node
juniperjunosMatch17.1-
OR
juniperjunosMatch17.1r1
OR
juniperjunosMatch17.1r2-s1
OR
juniperjunosMatch17.1r2-s2
OR
juniperjunosMatch17.1r2-s3
OR
juniperjunosMatch17.1r2-s4
OR
juniperjunosMatch17.1r2-s5
OR
juniperjunosMatch17.1r2-s6
OR
juniperjunosMatch17.1r2-s7
AND
juniperacx5000Match-
OR
juniperex4600Match-
OR
juniperqfx5110Match-
Node
juniperjunosMatch17.2-
OR
juniperjunosMatch17.2r1-s2
OR
juniperjunosMatch17.2r1-s4
OR
juniperjunosMatch17.2r1-s7
OR
juniperjunosMatch17.2r1-s8
OR
juniperjunosMatch17.2r2-s6
OR
juniperjunosMatch17.2r2-s7
AND
juniperacx5000Match-
OR
juniperex4600Match-
OR
juniperqfx5110Match-
Node
juniperjunosMatch17.3-
OR
juniperjunosMatch17.3r2
OR
juniperjunosMatch17.3r2-s1
OR
juniperjunosMatch17.3r2-s2
AND
juniperacx5000Match-
OR
juniperex4600Match-
OR
juniperqfx5110Match-
Node
juniperjunosMatch17.4-
OR
juniperjunosMatch17.4r1
OR
juniperjunosMatch17.4r1-s1
OR
juniperjunosMatch17.4r1-s2
OR
juniperjunosMatch17.4r1-s4
OR
juniperjunosMatch17.4r1-s6
OR
juniperjunosMatch17.4r1-s7
AND
juniperacx5000Match-
OR
juniperex4600Match-
OR
juniperqfx5110Match-
Node
juniperjunosMatch18.1-
AND
juniperacx5000Match-
OR
juniperex4600Match-
OR
juniperqfx5110Match-
Node
juniperjunosMatch15.1x53d40
OR
juniperjunosMatch15.1x53d45
OR
juniperjunosMatch15.1x53d495
AND
junipernfx150Match-
OR
junipernfx250Match-
Node
juniperjunosMatch17.2-
OR
juniperjunosMatch17.2r1-s2
OR
juniperjunosMatch17.2r1-s4
OR
juniperjunosMatch17.2r1-s7
OR
juniperjunosMatch17.2r1-s8
OR
juniperjunosMatch17.2r2-s6
OR
juniperjunosMatch17.2r2-s7
AND
junipernfx150Match-
OR
junipernfx250Match-
Node
juniperjunosMatch17.3-
OR
juniperjunosMatch17.3r2
OR
juniperjunosMatch17.3r2-s1
OR
juniperjunosMatch17.3r2-s2
OR
juniperjunosMatch17.3r3-s1
OR
juniperjunosMatch17.3r3-s2
OR
juniperjunosMatch17.3r3-s3
AND
junipernfx150Match-
OR
junipernfx250Match-
Node
juniperjunosMatch17.4-
OR
juniperjunosMatch17.4r1
OR
juniperjunosMatch17.4r1-s1
OR
juniperjunosMatch17.4r1-s2
OR
juniperjunosMatch17.4r1-s4
OR
juniperjunosMatch17.4r1-s6
OR
juniperjunosMatch17.4r1-s7
OR
juniperjunosMatch17.4r2
OR
juniperjunosMatch17.4r2-s1
OR
juniperjunosMatch17.4r2-s3
AND
junipernfx150Match-
OR
junipernfx250Match-
Node
juniperjunosMatch18.1-
OR
juniperjunosMatch18.1r2
OR
juniperjunosMatch18.1r2-s1
OR
juniperjunosMatch18.1r2-s2
OR
juniperjunosMatch18.1r2-s4
OR
juniperjunosMatch18.1r3
OR
juniperjunosMatch18.1r3-s2
OR
juniperjunosMatch18.1r3-s3
AND
junipernfx150Match-
OR
junipernfx250Match-
Node
juniperjunosMatch18.2-
OR
juniperjunosMatch18.2r1-s5
OR
juniperjunosMatch18.2r2-s1
OR
juniperjunosMatch18.2r2-s2
AND
junipernfx150Match-
OR
junipernfx250Match-
Node
juniperjunosMatch18.3-
OR
juniperjunosMatch18.3r1
OR
juniperjunosMatch18.3r1-s1
OR
juniperjunosMatch18.3r1-s2
AND
junipernfx150Match-
OR
junipernfx250Match-
Node
juniperjunosMatch18.4-
OR
juniperjunosMatch18.4r1
AND
junipernfx150Match-
OR
junipernfx250Match-
VendorProductVersionCPE
juniperjunos15.1x49cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*
juniperjunos15.1x49cpe:2.3:o:juniper:junos:15.1x49:d100:*:*:*:*:*:*
juniperjunos15.1x49cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*
juniperjunos15.1x49cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*
juniperjunos15.1x49cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*
juniperjunos15.1x49cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*
juniperjunos15.1x49cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*
juniperjunos15.1x49cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*
juniperjunos15.1x49cpe:2.3:o:juniper:junos:15.1x49:d55:*:*:*:*:*:*
juniperjunos15.1x49cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*
Rows per page:
1-10 of 1391

CNA Affected

[
  {
    "platforms": [
      "vSRX, SRX1500, SRX4000"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "15.1X49-D110",
        "status": "affected",
        "version": "15.1X49",
        "versionType": "custom"
      }
    ]
  },
  {
    "platforms": [
      "QFX5110, QFX5200"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "15.1X53-D234",
        "status": "affected",
        "version": "15.1X53",
        "versionType": "custom"
      }
    ]
  },
  {
    "platforms": [
      "QFX10K"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "15.1X53-D68",
        "status": "affected",
        "version": "15.1X53",
        "versionType": "custom"
      }
    ]
  },
  {
    "platforms": [
      "QFX5110 QFX5200, QFX10K"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "17.1R2-S8, 17.1R3,",
        "status": "affected",
        "version": "17.1",
        "versionType": "custom"
      },
      {
        "lessThan": "17.2R1-S7, 17.2R2-S6, 17.2R3",
        "status": "affected",
        "version": "17.2",
        "versionType": "custom"
      }
    ]
  },
  {
    "platforms": [
      "vSRX, SRX1500, SRX4000, QFX5110, QFX5200, QFX10K"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "17.3R2",
        "status": "affected",
        "version": "17.3",
        "versionType": "custom"
      }
    ]
  },
  {
    "platforms": [
      "ACX5000, EX4600, QFX5100"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "14.1X53-D47",
        "status": "affected",
        "version": "14.1X53",
        "versionType": "custom"
      },
      {
        "lessThan": "15.1R7",
        "status": "affected",
        "version": "15.1",
        "versionType": "custom"
      },
      {
        "lessThan": "16.1R7",
        "status": "affected",
        "version": "16.1R7",
        "versionType": "custom"
      },
      {
        "lessThan": "17.1R2-S10, 17.1R3",
        "status": "affected",
        "version": "17.1",
        "versionType": "custom"
      },
      {
        "lessThan": "17.2R3",
        "status": "affected",
        "version": "17.2",
        "versionType": "custom"
      },
      {
        "lessThan": "17.3R3",
        "status": "affected",
        "version": "17.3",
        "versionType": "custom"
      },
      {
        "lessThan": "17.4R2",
        "status": "affected",
        "version": "17.4",
        "versionType": "custom"
      },
      {
        "lessThan": "18.1R2",
        "status": "affected",
        "version": "18.1",
        "versionType": "custom"
      }
    ]
  },
  {
    "platforms": [
      "NFX"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "15.1X53-D496",
        "status": "affected",
        "version": "15.1X53",
        "versionType": "custom"
      },
      {
        "lessThan": "17.2R3-S1",
        "status": "affected",
        "version": "17.2",
        "versionType": "custom"
      },
      {
        "lessThan": "17.3R3-S4",
        "status": "affected",
        "version": "17.3",
        "versionType": "custom"
      },
      {
        "lessThan": "17.4R2-S4, 17.4R3",
        "status": "affected",
        "version": "17.4",
        "versionType": "custom"
      },
      {
        "lessThan": "18.1R3-S4",
        "status": "affected",
        "version": "18.1",
        "versionType": "custom"
      },
      {
        "lessThan": "18.2R2-S3, 18.2R3",
        "status": "affected",
        "version": "18.2",
        "versionType": "custom"
      },
      {
        "lessThan": "18.3R1-S3, 18.3R2",
        "status": "affected",
        "version": "18.3",
        "versionType": "custom"
      },
      {
        "lessThan": "18.4R1-S1, 18.4R2",
        "status": "affected",
        "version": "18.4",
        "versionType": "custom"
      }
    ]
  }
]

Related

symantec 1
nessus 1
nvd 1
cvelist 1
prion 1
symantec
symantec
Juniper Junos CVE-2019-0069 Local Information Disclosure Vulnerability
2019-10-09 00:00:00
nessus
nessus
Junos OS: Clear Text Authentication Credentials (JSA10969)
2019-11-01 00:00:00
nvd
nvd
CVE-2019-0069
2019-10-09 20:15:17
cvelist
cvelist
CVE-2019-0069 Junos OS: vSRX, SRX1500, SRX4K, ACX5K, EX4600, QFX5100, QFX5110, QFX5200, QFX10K and NFX Series: console management port device authentication credentials are logged in clear text
2019-10-09 19:26:17
prion
prion
Design/Logic Flaw
2019-10-09 20:15:00

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

5.9

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N

AI Score

5.5

Confidence

High

EPSS

0

Percentile

12.6%

JSON
Related for CVE-2019-0069
symantec1nessus1nvd1cvelist1prion1