PT-2019-3481 · Juniper Networks · Junos Device Manager+1

Publicado

2019-10-09

Atualizado

2020-08-24

CVE-2019-0057

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS versions prior to 18.2R1, 18.2X75-D5.

Description An improper authorization weakness in Juniper Networks Junos OS allows a local authenticated attacker to bypass regular security controls to access the Junos Device Manager (JDM) application and take control of the system.

Recommendations For Juniper Networks Junos OS versions prior to 18.2R1, 18.2X75-D5, update to version 18.2R1 or 18.2X75-D5 or later to resolve the issue. As a temporary workaround, consider restricting access to the Junos Device Manager (JDM) application until a patch is available.

Correção

Improper Authorization

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-285

Identificadores relacionados

BDU:2019-03656

CVE-2019-0057

Produtos afetados

Junos

Junos Device Manager

PT-2019-3481 · Juniper Networks · Junos Device Manager+1

CVE-2019-0057

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6