CVE-2019-0073
published 2019-10-09CVE-2019-0073: The PKI keys exported using the command "run request security pki key-pair export" on Junos OS may have insecure file permissions. This may allow another user…
high7.1CVSS 3.1
AVLACLPRLUINSUCHIHAN
The PKI keys exported using the command "run request security pki key-pair export" on Junos OS may have insecure file permissions. This may allow another user on the Junos OS device with shell access to read them. This issue affects: Juniper Networks Junos OS 15.1X49 versions prior to 15.1X49-D180; 17.3 versions prior to 17.3R3-S7; 17.4 versions prior to 17.4R2-S8, 17.4R3; 18.1 versions prior to 18.1R3-S8; 18.2 versions prior to 18.2R3; 18.3 versions prior to 18.3R2; 18.4 versions prior to 18.4R2.
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos | — | — |
| juniper | junos_os | — | — |
| juniper_networks | junos_os | >= 15.1X49 < 15.1X49-D180 | 15.1X49-D180 |
| juniper_networks | junos_os | >= 17.3 < 17.3R3-S7 | 17.3R3-S7 |
| juniper_networks | junos_os | >= 17.4 < 17.4R2-S8, 17.4R3 | 17.4R2-S8, 17.4R3 |
| juniper_networks | junos_os | >= 18.1 < 18.1R3-S8 | 18.1R3-S8 |
| juniper_networks | junos_os | >= 18.2 < 18.2R3 | 18.2R3 |
| juniper_networks | junos_os | >= 18.3 < 18.3R2 | 18.3R2 |
| juniper_networks | junos_os | >= 18.4 < 18.4R2 | 18.4R2 |
GHSA
GHSA-g4cp-h5rq-j4fr: The PKI keys exported using the command "run request security pki key-pair export" on Junos OS may have insecure file permissions
ghsa_unreviewed·2022-05-24
CVE-2019-0073 [LOW] CWE-281 GHSA-g4cp-h5rq-j4fr: The PKI keys exported using the command "run request security pki key-pair export" on Junos OS may have insecure file permissions
The PKI keys exported using the command "run request security pki key-pair export" on Junos OS may have insecure file permissions. This may allow another user on the Junos OS device with shell access to read them. This issue affects: Juniper Networks Junos OS 15.1X49 versions prior to 15.1X49-D180; 17.3 versions prior to 17.3R3-S7; 17.4 versions prior to 17.4R2-S8, 17.4R3; 18.1 versions prior to 18.1R3-S8; 18.2 versions prior to 18.2R3; 18.3 versions prior to 18.3R2; 18.4 versions prior to 18.4R2.
Juniper
CVE-2019-0073: The PKI keys exported using the command "run request security pki key-pair export" on Junos OS may have insecure file permissions. This may allow anot
vendor_juniper·2019-10-09·CVSS 6.6
CVE-2019-0073 [MEDIUM] CWE-732 CVE-2019-0073: The PKI keys exported using the command "run request security pki key-pair export" on Junos OS may have insecure file permissions. This may allow anot
CVE-2019-0073: The PKI keys exported using the command "run request security pki key-pair export" on Junos OS may have insecure file permissions. This may allow another user on the Junos OS device with shell access to read them. This issue affects: Juniper Networks Junos OS 15.1X49 versions prior to 15.1X49-D180; 17.3 versions prior to 17.3R3-S7; 17.4 versions prior to 17.4R2-S8, 17.4R3; 18.1 versions prior to 18.1R3-S8; 18.2 versions prior to 18.2R3; 18.3 versions prior to 18.3R2; 18.4 versions prior to 18.4R2.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2019-10-09
Published