PT-2019-4133 · Juniper Networks · Sbr Carrier

Published

2019-10-09

Updated

2019-10-21

CVE-2019-0072

CVSS v3.1

5.6

Medium

Vector

AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Juniper Networks SBR Carrier versions 8.4.1 through 8.4.1R12 Juniper Networks SBR Carrier versions 8.5.0 through 8.5.0R3

Description The issue is related to an Unprotected Storage of Credentials vulnerability in the identity and access management certificate generation procedure. This allows a local attacker to gain access to confidential information.

Recommendations For Juniper Networks SBR Carrier versions 8.4.1 through 8.4.1R12, update to version 8.4.1R13 or later. For Juniper Networks SBR Carrier versions 8.5.0 through 8.5.0R3, update to version 8.5.0R4 or later.

Fix

Insufficiently Protected Credentials

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-522CWE-256

Related Identifiers

BDU:2019-04713

CVE-2019-0072

Affected Products

Sbr Carrier

PT-2019-4133 · Juniper Networks · Sbr Carrier

CVE-2019-0072

Weakness Enumeration

Related Identifiers

Affected Products

References · 6