CVE-2019-0072
09.10.2019, 20:15
An Unprotected Storage of Credentials vulnerability in the identity and access management certificate generation procedure allows a local attacker to gain access to confidential information. This issue affects: Juniper Networks SBR Carrier: 8.4.1 versions prior to 8.4.1R13; 8.5.0 versions prior to 8.5.0R4.Enginsight
| Vendor | Product | Version |
|---|---|---|
| juniper | sbr_carrier | 8.4.1 |
| juniper | sbr_carrier | 8.4.1:r1 |
| juniper | sbr_carrier | 8.5.0 |
| juniper | sbr_carrier | 8.5.0:r1 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-256 - Plaintext Storage of a PasswordStoring a password in plaintext may result in a system compromise.
- CWE-522 - Insufficiently Protected CredentialsThe product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.