CVE-2019-0062

Name of the Vulnerable Software and Affected Versions Junos OS versions 12.3 through 12.3R12-S15 Junos OS versions 12.3X48 through 12.3X48-D85 Junos OS versions 14.1X53 through 14.1X53-D51 Junos OS versions 15.1 through 15.1F6-S13 Junos OS versions 15.1 through 15.1R7-S5 Junos OS versions 15.1X49 through 15.1X49-D180 Junos OS versions 15.1X53 through 15.1X53-D238 Junos OS versions 16.1 through 16.1R4-S13 Junos OS versions 16.1 through 16.1R7-S5 Junos OS versions 16.2 through 16.2R2-S10 Junos OS versions 17.1 through 17.1R3-S1 Junos OS versions 17.2 through 17.2R2-S8 Junos OS versions 17.2 through 17.2R3-S3 Junos OS versions 17.3 through 17.3R3-S5 Junos OS versions 17.4 through 17.4R2-S8 Junos OS versions 17.4 through 17.4R3 Junos OS versions 18.1 through 18.1R3-S8 Junos OS versions 18.2 through 18.2R3 Junos OS versions 18.3 through 18.3R3 Junos OS versions 18.4 through 18.4R2 Junos OS versions 19.1 through 19.1R1-S2 Junos OS versions 19.1 through 19.1R2

Description A session fixation issue in J-Web on Junos OS may allow an attacker to use social engineering techniques to fix and hijack a J-Web administrator's web session and potentially gain administrative access to the device.

Recommendations For Junos OS versions 12.3 through 12.3R12-S15, update to version 12.3R12-S15 or later. For Junos OS versions 12.3X48 through 12.3X48-D85, update to version 12.3X48-D85 or later. For Junos OS versions 14.1X53 through 14.1X53-D51, update to version 14.1X53-D51 or later. For Junos OS versions 15.1 through 15.1F6-S13, update to version 15.1F6-S13 or later. For Junos OS versions 15.1 through 15.1R7-S5, update to version 15.1R7-S5 or later. For Junos OS versions 15.1X49 through 15.1X49-D180, update to version 15.1X49-D180 or later. For Junos OS versions 15.1X53 through 15.1X53-D238, update to version 15.1X53-D238 or later. For Junos OS versions 16.1 through 16.1R4-S13, update to version 16.1R4-S13 or later. For Junos OS versions 16.1 through 16.1R7-S5, update to version 16.1R7-S5 or later. For Junos OS versions 16.2 through 16.2R2-S10, update to version 16.2R2-S10 or later. For Junos OS versions 17.1 through 17.1R3-S1, update to version 17.1R3-S1 or later. For Junos OS versions 17.2 through 17.2R2-S8, update to version 17.2R2-S8 or later. For Junos OS versions 17.2 through 17.2R3-S3, update to version 17.2R3-S3 or later. For Junos OS versions 17.3 through 17.3R3-S5, update to version 17.3R3-S5 or later. For Junos OS versions 17.4 through 17.4R2-S8, update to version 17.4R2-S8 or later. For Junos OS versions 17.4 through 17.4R3, update to version 17.4R3 or later. For Junos OS versions 18.1 through 18.1R3-S8, update to version 18.1R3-S8 or later. For Junos OS versions 18.2 through 18.2R3, update to version 18.2R3 or later. For Junos OS versions 18.3 through 18.3R3, update to version 18.3R3 or later. For Junos OS versions 18.4 through 18.4R2, update to version 18.4R2 or later. For Junos OS versions 19.1 through 19.1R1-S2, update to version 19.1R1-S2 or later. For Junos OS versions 19.1 through 19.1R2, update to version 19.1R2 or later.