CVE-2019-0062 — Session Fixation in Networks Junos OS
Severity
8.8HIGHNVD
EPSS
0.4%
top 42.00%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedOct 9
Latest updateMay 24
Description
A session fixation vulnerability in J-Web on Junos OS may allow an attacker to use social engineering techniques to fix and hijack a J-Web administrators web session and potentially gain administrative access to the device. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S15 on EX Series; 12.3X48 versions prior to 12.3X48-D85 on SRX Series; 14.1X53 versions prior to 14.1X53-D51; 15.1 versions prior to 15.1F6-S13, 15.1R7-S5; 15.1X49 versions prior to 15.1X49-D180 on S…
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9
Affected Packages6 packages
🔴Vulnerability Details
1GHSA▶
GHSA-8345-v559-5vw2: A session fixation vulnerability in J-Web on Junos OS may allow an attacker to use social engineering techniques to fix and hijack a J-Web administrat↗2022-05-24
📋Vendor Advisories
1Juniper▶
CVE-2019-0062: A session fixation vulnerability in J-Web on Junos OS may allow an attacker to use social engineering techniques to fix and hijack a J-Web administrat↗2019-10-09