CVE-2019-0058

A vulnerability in the Veriexec subsystem of Juniper Networks Junos OS allowing an attacker to fully compromise the host system. A local authenticated user can elevate privileges to gain full control of the system even if they are specifically denied access to perform certain actions. This issue affects: Juniper Networks Junos OS: 12.3X48 versions prior to 12.3X48-D80 on SRX Series.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
juniperCNA
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 11%
VendorProductVersion
juniperjunos
12.3x48:x48
juniperjunos
12.3x48:x48
juniperjunos
12.3x48:x48
juniperjunos
12.3x48:x48
juniperjunos
12.3x48:x48
juniperjunos
12.3x48:x48
juniperjunos
12.3x48:x48
juniperjunos
12.3x48:x48
juniperjunos
12.3x48:x48
juniperjunos
12.3x48:x48
juniperjunos
12.3x48:x48
juniperjunos
12.3x48:x48
juniperjunos
12.3x48:x48
juniperjunos
12.3x48:x48
juniperjunos
12.3x48:x48
𝑥
= Vulnerable software versions
References
https://kb.juniper.net/JSA10956
https://kb.juniper.net/JSA10956