CVE-2019-0069

Name of the Vulnerable Software and Affected Versions Junos OS versions prior to 15.1X49-D110 on vSRX, SRX1500, SRX4000 Series Junos OS versions prior to 15.1X53-D234 on QFX5110, QFX5200 Series Junos OS versions prior to 15.1X53-D68 on QFX10K Series Junos OS versions prior to 17.1R2-S8, 17.1R3, on QFX5110, QFX5200, QFX10K Series Junos OS versions prior to 17.2R1-S7, 17.2R2-S6, 17.2R3 on QFX5110, QFX5200, QFX10K Series Junos OS versions prior to 17.3R2 on vSRX, SRX1500, SRX4000, QFX5110, QFX5200, QFX10K Series Junos OS versions prior to 14.1X53-D47 on ACX5000, EX4600, QFX5100 Series Junos OS versions prior to 15.1R7 on ACX5000, EX4600, QFX5100 Series Junos OS versions prior to 16.1R7 on ACX5000, EX4600, QFX5100 Series Junos OS versions prior to 17.1R2-S10, 17.1R3 on ACX5000, EX4600, QFX5100 Series Junos OS versions prior to 17.2R3 on ACX5000, EX4600, QFX5100 Series Junos OS versions prior to 17.3R3 on ACX5000, EX4600, QFX5100 Series Junos OS versions prior to 17.4R2 on ACX5000, EX4600, QFX5100 Series Junos OS versions prior to 18.1R2 on ACX5000, EX4600, QFX5100 Series Junos OS versions prior to 15.1X53-D496 on NFX Series Junos OS versions prior to 17.2R3-S1 on NFX Series Junos OS versions prior to 17.3R3-S4 on NFX Series Junos OS versions prior to 17.4R2-S4, 17.4R3 on NFX Series Junos OS versions prior to 18.1R3-S4 on NFX Series Junos OS versions prior to 18.2R2-S3, 18.2R3 on NFX Series Junos OS versions prior to 18.3R1-S3, 18.3R2 on NFX Series Junos OS versions prior to 18.4R1-S1, 18.4R2 on NFX Series

Description The issue is related to the console management port of Juniper Networks Junos OS, where credentials used during device authentication are written to a log file in clear text. This issue affects ACX, NFX, SRX, EX, and QFX platforms with the Linux Host OS architecture. It does not affect users logging in using telnet, SSH, or J-web to the management IP.

Recommendations For Junos OS versions prior to 15.1X49-D110 on vSRX, SRX1500, SRX4000 Series, update to version 15.1X49-D110 or later. For Junos OS versions prior to 15.1X53-D234 on QFX5110, QFX5200 Series, update to version 15.1X53-D234 or later. For Junos OS versions prior to 15.1X53-D68 on QFX10K Series, update to version 15.1X53-D68 or later. For Junos OS versions prior to 17.1R2-S8, 17.1R3, on QFX5110, QFX5200, QFX10K Series, update to version 17.1R2-S8, 17.1R3, or later. For Junos OS versions prior to 17.2R1-S7, 17.2R2-S6, 17.2R3 on QFX5110, QFX5200, QFX10K Series, update to version 17.2R1-S7, 17.2R2-S6, 17.2R3, or later. For Junos OS versions prior to 17.3R2 on vSRX, SRX1500, SRX4000, QFX5110, QFX5200, QFX10K Series, update to version 17.3R2 or later. For Junos OS versions prior to 14.1X53-D47 on ACX5000, EX4600, QFX5100 Series, update to version 14.1X53-D47 or later. For Junos OS versions prior to 15.1R7 on ACX5000, EX4600, QFX5100 Series, update to version 15.1R7 or later. For Junos OS versions prior to 16.1R7 on ACX5000, EX4600, QFX5100 Series, update to version 16.1R7 or later. For Junos OS versions prior to 17.1R2-S10, 17.1R3 on ACX5000, EX4600, QFX5100 Series, update to version 17.1R2-S10, 17.1R3, or later. For Junos OS versions prior to 17.2R3 on ACX5000, EX4600, QFX5100 Series, update to version 17.2R3 or later. For Junos OS versions prior to 17.3R3 on ACX5000, EX4600, QFX5100 Series, update to version 17.3R3 or later. For Junos OS versions prior to 17.4R2 on ACX5000, EX4600, QFX5100 Series, update to version 17.4R2 or later. For Junos OS versions prior to 18.1R2 on ACX5000, EX4600, QFX5100 Series, update to version 18.1R2 or later. For Junos OS versions prior to 15.1X53-D496 on NFX Series, update to version 15.1X53-D496 or later. For Junos OS versions prior to 17.2R3-S1 on NFX Series, update to version 17.2R3-S1 or later. For Junos OS versions prior to 17.3R3-S4 on NFX Series, update to version 17.3R3-S4 or later. For Junos OS versions prior to 17.4R2-S4, 17.4R3 on NFX Series, update to version 17.4R2-S4, 17.4R3, or later. For Junos OS versions prior to 18.1R3-S4 on NFX Series, update to version 18.1R3-S4 or later. For Junos OS versions prior to 18.2R2-S3, 18.2R3 on NFX Series, update to version 18.2R2-S3, 18.2R3, or later. For Junos OS versions prior to 18.3R1-S3, 18.3R2 on NFX Series, update to version 18.3R1-S3, 18.3R2, or later. For Junos OS versions prior to 18.4R1-S1, 18.4R2 on NFX Series, update to version 18.4R1-S1, 18.4R2, or later.