CVE-2019-0058

Summary

A vulnerability in the Veriexec subsystem of Juniper Networks Junos OS allowing an attacker to fully compromise the host system. A local authenticated user can elevate privileges to gain full control of the system even if they are specifically denied access to perform certain actions. This issue affects: Juniper Networks Junos OS: 12.3X48 versions prior to 12.3X48-D80 on SRX Series.

Affected Software

VendorProductVersion RangeStatus
Juniper NetworksJunos OS12.3X48 < 12.3X48-D80affected

Weaknesses

  • 252 - Unchecked Return Value

Workarounds

To reduce the risk of exploitation of this vulnerability, customers should limit access to the Junos shell to only trusted administrators and limit their actions to previously reviewed and agreed-upon commands and command arguments as part of a structured change management workflow. Shell commands which are run should be logged and reviewed as part of standard security practices.

ADP Enrichment

CVE Program Container

Additional References

References