CVE-2019-0032 Junos Space Service Now and Service Insight: Organization username and password stored in plaintext in log files.

🗓️ 10 Apr 2019 20:13:51Reported by juniperType

Junos Space Service Now and Service Insight: plaintext storage of Organization credential

Reporter	Title	Published	Views	Family All 6
BDU FSTEC	The vulnerability of the software tools for managing network resources, Junos Space Service Now and Junos Space Service Insight, is related to errors in managing registration data. This vulnerability allows an attacker to access account information stored in plain text.	30 Apr 201900:00	–	bdu_fstec
CVE	CVE-2019-0032	10 Apr 201920:13	–	cve
EUVD	EUVD-2019-0839	7 Oct 202500:30	–	euvd
NVD	CVE-2019-0032	10 Apr 201920:29	–	nvd
OSV	CVE-2019-0032	10 Apr 201920:29	–	osv
Prion	Authentication flaw	10 Apr 201920:29	–	prion

[
  {
    "product": "Service Insight",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "15.1R1",
        "versionType": "custom"
      },
      {
        "lessThan": "18.1R1",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Service Now",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "15.1R1",
        "versionType": "custom"
      },
      {
        "lessThan": "18.1R1",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
kb	www.kb.juniper.net/KB27572
securityfocus	www.securityfocus.com/bid/107885
kb	www.kb.juniper.net/JSA10921

12 Apr 2019 12:06Current

7.8High risk

Vulners AI Score7.8

CVSS 36.5

EPSS0.00443

CWE-256