CVE-2019-0054

Summary

An Improper Certificate Validation weakness in the SRX Series Application Identification (app-id) signature update client of Juniper Networks Junos OS allows an attacker to perform Man-in-the-Middle (MitM) attacks which may compromise the integrity and confidentiality of the device. This issue affects: Juniper Networks Junos OS 15.1X49 versions prior to 15.1X49-D120 on SRX Series devices. No other versions of Junos OS are affected.

Affected Software

VendorProductVersion RangeStatus
Juniper NetworksJunos OS15.1X49 < 15.1X49-D120affected

Weaknesses

  • CWE-295: CWE-295 Improper Certificate Validation
  • CWE-300: CWE-300 Channel Accessible by Non-Endpoint ('Man-in-the-Middle')

Workarounds

Set the following command in the device for affected releases:

set services application-identification download secure-download

ADP Enrichment

CVE Program Container

Additional References

References