CVE-2019-0072

Published: Oct 9, 2019Modified: Nov 21, 2024

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

An Unprotected Storage of Credentials vulnerability in the identity and access management certificate generation procedure allows a local attacker to gain access to confidential information. This issue affects: Juniper Networks SBR Carrier: 8.4.1 versions prior to 8.4.1R13; 8.5.0 versions prior to 8.5.0R4.

Affected (4)

Products: Juniper: Sbr Carrier

1 product

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Juniper Sbr Carrier	Version 8.4.1
Juniper Sbr Carrier	Version 8.4.1 r1
Juniper Sbr Carrier	Version 8.5.0
Juniper Sbr Carrier	Version 8.5.0 r1

Related CWEs

Plaintext Storage of a Password

Storing a password in plaintext may result in a system compromise.

Insufficiently Protected Credentials

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

References (2)

https://kb.juniper.net/JSA10971

Source: sirt@juniper.net

Vendor Advisory

https://kb.juniper.net/JSA10971

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.