Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2019-0058

A vulnerability in the Veriexec subsystem of Juniper Networks Junos OS allowing an attacker to fully compromise the host system. A local authenticated user can elevate privileges to gain full control of the system even if they are specifically denied access to perform certain actions. This issue affects: Juniper Networks Junos OS: 12.3X48 versions prior to 12.3X48-D80 on SRX Series.

Published

2019-10-09T20:15:16.787

Last Modified

2024-11-21T04:16:09.427

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.8 (HIGH)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

3.9

Impact Score

10.0

Weaknesses

Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	juniper	junos	12.3x48	Yes
Operating System	juniper	junos	12.3x48	Yes
Operating System	juniper	junos	12.3x48	Yes
Operating System	juniper	junos	12.3x48	Yes
Operating System	juniper	junos	12.3x48	Yes
Operating System	juniper	junos	12.3x48	Yes
Operating System	juniper	junos	12.3x48	Yes
Operating System	juniper	junos	12.3x48	Yes
Operating System	juniper	junos	12.3x48	Yes
Operating System	juniper	junos	12.3x48	Yes
Operating System	juniper	junos	12.3x48	Yes
Operating System	juniper	junos	12.3x48	Yes
Operating System	juniper	junos	12.3x48	Yes
Operating System	juniper	junos	12.3x48	Yes
Operating System	juniper	junos	12.3x48	Yes
Hardware	juniper	csrx	-	No
Hardware	juniper	srx100	-	No
Hardware	juniper	srx110	-	No
Hardware	juniper	srx1400	-	No
Hardware	juniper	srx1500	-	No
Hardware	juniper	srx210	-	No
Hardware	juniper	srx220	-	No
Hardware	juniper	srx240	-	No
Hardware	juniper	srx300	-	No
Hardware	juniper	srx320	-	No
Hardware	juniper	srx340	-	No
Hardware	juniper	srx3400	-	No
Hardware	juniper	srx345	-	No
Hardware	juniper	srx3600	-	No
Hardware	juniper	srx4100	-	No
Hardware	juniper	srx4200	-	No
Hardware	juniper	srx4600	-	No
Hardware	juniper	srx5400	-	No
Hardware	juniper	srx550	-	No
Hardware	juniper	srx550_hm	-	No
Hardware	juniper	srx5600	-	No
Hardware	juniper	srx5800	-	No
Hardware	juniper	srx650	-	No
Hardware	juniper	vsrx	-	No

References

https://kb.juniper.net/JSA10956 Vendor Advisory ([email protected])
https://kb.juniper.net/JSA10956 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)