CVE-2019-0073

Published Oct 9, 2019
Last updated 4 years ago
CVSS high 7.1
Overview

Description: The PKI keys exported using the command "run request security pki key-pair export" on Junos OS may have insecure file permissions. This may allow another user on the Junos OS device with shell access to read them. This issue affects: Juniper Networks Junos OS 15.1X49 versions prior to 15.1X49-D180; 17.3 versions prior to 17.3R3-S7; 17.4 versions prior to 17.4R2-S8, 17.4R3; 18.1 versions prior to 18.1R3-S8; 18.2 versions prior to 18.2R3; 18.3 versions prior to 18.3R2; 18.4 versions prior to 18.4R2.
Source: sirt@juniper.net
NVD status: Analyzed
Risk scores

CVSS 3.1

Type: Primary
Base score: 7.1
Impact score: 5.2
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Severity: HIGH
CVSS 2.0

Type: Primary
Base score: 2.1
Impact score: 2.9
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:P/I:N/A:N
Weaknesses

nvd@nist.gov: CWE-281
sirt@juniper.net: CWE-732
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:juniper:junos:15.1x49:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "27A6BF09-ABBF-4126-ADD6-B174937F8554"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D90D8985-34EF-44CC-A9A7-CB0FD22676F2"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d100:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "856A5668-FA4F-44E9-A3F0-BE4979F631E2"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d110:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F3B2DA4D-5E5D-4E09-BE4D-5B3371703D8F"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d120:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FA2459ED-DFA5-4701-AF92-C2928C3BD64D"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d130:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8830C4BC-2B3D-4CCF-A37E-79C2D46159BD"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d140:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C808E08F-1992-43DD-A106-E920DC784831"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d150:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E288F54B-AEA3-412F-85A4-EBDFE74DB84F"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d160:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "02AAC05C-1C4B-4F35-A286-52D20DFD6212"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d170:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "080422D3-B508-4049-B558-4B04BF2E8AB4"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "18468579-0195-4DDE-BAA5-4BE4068F3A69"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0E5FAA97-171F-4DB9-B78E-6E1A5F34336A"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "870244F3-1C05-4F10-A205-5189BB860F46"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "235EE40B-AA15-4F39-8087-A051F4F70995"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "17330544-3AFC-463E-A146-2840A8AE17D2"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8ABA301F-7866-42A5-8391-E07BEAFF06FA"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d55:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "884E4A85-ED42-4391-9FDD-9052F957743A"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1901864B-688B-4352-A587-4B96B4E49FB1"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "78F53FBF-C6D8-4AE5-87EC-9D9F88DCEFB9"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d70:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1B6670FB-9F5A-469B-97F2-074C28572065"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d75:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "71198992-83AA-4E28-BA7D-A3C1897B5E2B"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d80:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4323D874-C317-4D76-8E2D-C82376D84CBE"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d90:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F56067DA-EBA9-481A-B60B-52148584EFBD"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:juniper:junos:17.3:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A283D32F-1CAF-4A5A-83E1-585F2801771F"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:17.3:r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "38A40E03-F915-4888-87B0-5950F75F097D"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:17.3:r2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "69FC46D4-39E2-4E2F-A1D3-1001769A7115"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:17.3:r2-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "32F83E8B-A816-4F26-95F8-F0DA7F3DF426"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:17.3:r2-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2C433359-BC8B-4E69-BE74-A31EB148083A"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:17.3:r3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "25C7C3D0-A203-4979-8375-A610ADD48E9E"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:17.3:r3-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "565AE6D8-28A9-4A62-A886-5BAB954695D8"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:17.3:r3-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0C366F93-BB30-4144-99AE-40B676977834"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:17.3:r3-s3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "488BB10A-1360-42E5-A68D-23D51B332850"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:17.3:r3-s4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "64988F0A-E02C-455B-99C9-4059C896416F"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:17.3:r3-s5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DC2ACA85-FA89-40F0-A2AD-778E1CB02A91"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:17.3:r3-s6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9F431D3D-5D55-45A9-98E8-00CB1D4C0196"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:juniper:junos:17.4:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A00CA6FB-8F28-4171-B510-8DBA351E80C0"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:17.4:r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "988D317A-0646-491F-9B97-853E8E208276"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:17.4:r1-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "605F1AD7-5B09-44F0-9017-15AB3EEE559C"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:17.4:r1-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CEDDCD30-2255-4FA9-B3E2-9E88AB6F8D80"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:17.4:r1-s4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4E4EB6B0-8DB2-4199-96E4-30195D49F756"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:17.4:r1-s6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9D8A8E33-473A-4A40-A7B7-47086BB9012A"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:17.4:r1-s7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F0F65DCA-34B9-4CE8-91C9-426AAAEB4097"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:17.4:r2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0E0CE79A-157D-47DE-BE65-936BC12470EB"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:17.4:r2-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "05060C06-18C1-40E8-AE01-385B036CC9AA"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:17.4:r2-s3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "006EE425-A146-4E10-B050-7E754BB8402A"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:17.4:r2-s4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2B482BCC-1F0C-47AA-B63B-1B39CEF7B2C0"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:17.4:r2-s5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A636F9F2-2DA7-4A27-AD80-FD1B34DFCA94"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:17.4:r2-s6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4EC7D216-D8F3-4ABD-97C9-4C9FB6DF64FF"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:17.4:r2-s7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5E327643-D8D8-4EFA-9F38-BA862A919501"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:juniper:junos:18.1:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0DFDD907-5305-4602-8A9C-685AA112C342"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:18.1:r2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2EF6F4C1-6A7E-474F-89BC-7A3C50FD8CAC"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:18.1:r2-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "84F5BCBA-404B-4BC9-B363-CE6D231B0D6D"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:18.1:r2-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "18A4CA3E-DA61-49CC-8476-3A476CCB2B83"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:18.1:r2-s4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A7380B3E-09F5-4497-86C6-11EF56BD89F1"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:18.1:r3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "658841A9-BEC9-433E-81D0-47DE82887C4F"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:18.1:r3-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C97683B3-A07B-428F-9535-C49B55305679"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:18.1:r3-s3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A14CE132-C56B-43D8-A248-AB6A2D1A7B6C"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:18.1:r3-s4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "73978DD8-BD92-4872-8F35-AF2B9BCA1ECB"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:18.1:r3-s5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "678F57D1-2595-4AF3-BB87-AF2E1FE3CBB9"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:18.1:r3-s6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7988CE92-71D2-4EEC-B596-4A60E2C1136A"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:18.1:r3-s7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "330D176F-8DAD-440C-A623-44FA233FAB01"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:juniper:junos:18.2:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A8B5BD93-3C11-45D5-ACF0-7C4C01106C8A"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:18.2:r1-s5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "238EC996-8E8C-4332-916F-09E54E6EBB9D"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:18.2:r2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5F711936-33A1-47FC-A6A0-A63088915815"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:18.2:r2-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "21B7820C-01D2-401C-9E6D-C83994FD5961"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:18.2:r2-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3D2FBD29-2CAC-41B4-9336-671373EF4A7C"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:18.2:r2-s3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EEFCDA90-67E2-4AEF-800C-1D29A9121B8F"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:18.2:r2-s4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "74B99981-840F-4DAD-976A-5DAEFE9FB93D"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:juniper:junos:18.3:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1BB9C2BB-D20B-41E9-B75F-7FAD9ECCDB99"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:18.3:r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5342C3DC-D640-47AB-BD76-3444852988A2"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:18.3:r1-s1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8AB8585E-EDC6-4400-BEE3-3A6A7C922C90"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:18.3:r1-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A2ABC574-B3FC-4025-B50D-7F9EEB28C806"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:18.3:r1-s3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6F6EAFC3-C3AC-4361-8530-39FCF89702F7"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:juniper:junos:18.4:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "74CA9010-D3DE-487B-B46F-589A48AB0F0A"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:18.4:r1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A38F224C-8E9B-44F3-9D4F-6C9F04F57927"
          },
          {
            "criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8F73B88B-E66C-4ACD-B38D-9365FB230ABA"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References
