7.4

CVE-2019-0054

An Improper Certificate Validation weakness in the SRX Series Application Identification (app-id) signature update client of Juniper Networks Junos OS allows an attacker to perform Man-in-the-Middle (MitM) attacks which may compromise the integrity and confidentiality of the device. This issue affects: Juniper Networks Junos OS 15.1X49 versions prior to 15.1X49-D120 on SRX Series devices. No other versions of Junos OS are affected.

Data is provided by the National Vulnerability Database (NVD)
JuniperJunos Version15.1x49 Update-
   JuniperCsrx Version-
   JuniperSrx100 Version-
   JuniperSrx110 Version-
   JuniperSrx1400 Version-
   JuniperSrx1500 Version-
   JuniperSrx210 Version-
   JuniperSrx220 Version-
   JuniperSrx240 Version-
   JuniperSrx300 Version-
   JuniperSrx320 Version-
   JuniperSrx340 Version-
   JuniperSrx3400 Version-
   JuniperSrx345 Version-
   JuniperSrx3600 Version-
   JuniperSrx4100 Version-
   JuniperSrx4200 Version-
   JuniperSrx4600 Version-
   JuniperSrx5400 Version-
   JuniperSrx550 Version-
   JuniperSrx550 Hm Version-
   JuniperSrx5600 Version-
   JuniperSrx5800 Version-
   JuniperSrx650 Version-
   JuniperVsrx Version-
JuniperJunos Version15.1x49 Updated10
   JuniperCsrx Version-
   JuniperSrx100 Version-
   JuniperSrx110 Version-
   JuniperSrx1400 Version-
   JuniperSrx1500 Version-
   JuniperSrx210 Version-
   JuniperSrx220 Version-
   JuniperSrx240 Version-
   JuniperSrx300 Version-
   JuniperSrx320 Version-
   JuniperSrx340 Version-
   JuniperSrx3400 Version-
   JuniperSrx345 Version-
   JuniperSrx3600 Version-
   JuniperSrx4100 Version-
   JuniperSrx4200 Version-
   JuniperSrx4600 Version-
   JuniperSrx5400 Version-
   JuniperSrx550 Version-
   JuniperSrx550 Hm Version-
   JuniperSrx5600 Version-
   JuniperSrx5800 Version-
   JuniperSrx650 Version-
   JuniperVsrx Version-
JuniperJunos Version15.1x49 Updated100
   JuniperCsrx Version-
   JuniperSrx100 Version-
   JuniperSrx110 Version-
   JuniperSrx1400 Version-
   JuniperSrx1500 Version-
   JuniperSrx210 Version-
   JuniperSrx220 Version-
   JuniperSrx240 Version-
   JuniperSrx300 Version-
   JuniperSrx320 Version-
   JuniperSrx340 Version-
   JuniperSrx3400 Version-
   JuniperSrx345 Version-
   JuniperSrx3600 Version-
   JuniperSrx4100 Version-
   JuniperSrx4200 Version-
   JuniperSrx4600 Version-
   JuniperSrx5400 Version-
   JuniperSrx550 Version-
   JuniperSrx550 Hm Version-
   JuniperSrx5600 Version-
   JuniperSrx5800 Version-
   JuniperSrx650 Version-
   JuniperVsrx Version-
JuniperJunos Version15.1x49 Updated110
   JuniperCsrx Version-
   JuniperSrx100 Version-
   JuniperSrx110 Version-
   JuniperSrx1400 Version-
   JuniperSrx1500 Version-
   JuniperSrx210 Version-
   JuniperSrx220 Version-
   JuniperSrx240 Version-
   JuniperSrx300 Version-
   JuniperSrx320 Version-
   JuniperSrx340 Version-
   JuniperSrx3400 Version-
   JuniperSrx345 Version-
   JuniperSrx3600 Version-
   JuniperSrx4100 Version-
   JuniperSrx4200 Version-
   JuniperSrx4600 Version-
   JuniperSrx5400 Version-
   JuniperSrx550 Version-
   JuniperSrx550 Hm Version-
   JuniperSrx5600 Version-
   JuniperSrx5800 Version-
   JuniperSrx650 Version-
   JuniperVsrx Version-
JuniperJunos Version15.1x49 Updated20
   JuniperCsrx Version-
   JuniperSrx100 Version-
   JuniperSrx110 Version-
   JuniperSrx1400 Version-
   JuniperSrx1500 Version-
   JuniperSrx210 Version-
   JuniperSrx220 Version-
   JuniperSrx240 Version-
   JuniperSrx300 Version-
   JuniperSrx320 Version-
   JuniperSrx340 Version-
   JuniperSrx3400 Version-
   JuniperSrx345 Version-
   JuniperSrx3600 Version-
   JuniperSrx4100 Version-
   JuniperSrx4200 Version-
   JuniperSrx4600 Version-
   JuniperSrx5400 Version-
   JuniperSrx550 Version-
   JuniperSrx550 Hm Version-
   JuniperSrx5600 Version-
   JuniperSrx5800 Version-
   JuniperSrx650 Version-
   JuniperVsrx Version-
JuniperJunos Version15.1x49 Updated30
   JuniperCsrx Version-
   JuniperSrx100 Version-
   JuniperSrx110 Version-
   JuniperSrx1400 Version-
   JuniperSrx1500 Version-
   JuniperSrx210 Version-
   JuniperSrx220 Version-
   JuniperSrx240 Version-
   JuniperSrx300 Version-
   JuniperSrx320 Version-
   JuniperSrx340 Version-
   JuniperSrx3400 Version-
   JuniperSrx345 Version-
   JuniperSrx3600 Version-
   JuniperSrx4100 Version-
   JuniperSrx4200 Version-
   JuniperSrx4600 Version-
   JuniperSrx5400 Version-
   JuniperSrx550 Version-
   JuniperSrx550 Hm Version-
   JuniperSrx5600 Version-
   JuniperSrx5800 Version-
   JuniperSrx650 Version-
   JuniperVsrx Version-
JuniperJunos Version15.1x49 Updated35
   JuniperCsrx Version-
   JuniperSrx100 Version-
   JuniperSrx110 Version-
   JuniperSrx1400 Version-
   JuniperSrx1500 Version-
   JuniperSrx210 Version-
   JuniperSrx220 Version-
   JuniperSrx240 Version-
   JuniperSrx300 Version-
   JuniperSrx320 Version-
   JuniperSrx340 Version-
   JuniperSrx3400 Version-
   JuniperSrx345 Version-
   JuniperSrx3600 Version-
   JuniperSrx4100 Version-
   JuniperSrx4200 Version-
   JuniperSrx4600 Version-
   JuniperSrx5400 Version-
   JuniperSrx550 Version-
   JuniperSrx550 Hm Version-
   JuniperSrx5600 Version-
   JuniperSrx5800 Version-
   JuniperSrx650 Version-
   JuniperVsrx Version-
JuniperJunos Version15.1x49 Updated40
   JuniperCsrx Version-
   JuniperSrx100 Version-
   JuniperSrx110 Version-
   JuniperSrx1400 Version-
   JuniperSrx1500 Version-
   JuniperSrx210 Version-
   JuniperSrx220 Version-
   JuniperSrx240 Version-
   JuniperSrx300 Version-
   JuniperSrx320 Version-
   JuniperSrx340 Version-
   JuniperSrx3400 Version-
   JuniperSrx345 Version-
   JuniperSrx3600 Version-
   JuniperSrx4100 Version-
   JuniperSrx4200 Version-
   JuniperSrx4600 Version-
   JuniperSrx5400 Version-
   JuniperSrx550 Version-
   JuniperSrx550 Hm Version-
   JuniperSrx5600 Version-
   JuniperSrx5800 Version-
   JuniperSrx650 Version-
   JuniperVsrx Version-
JuniperJunos Version15.1x49 Updated45
   JuniperCsrx Version-
   JuniperSrx100 Version-
   JuniperSrx110 Version-
   JuniperSrx1400 Version-
   JuniperSrx1500 Version-
   JuniperSrx210 Version-
   JuniperSrx220 Version-
   JuniperSrx240 Version-
   JuniperSrx300 Version-
   JuniperSrx320 Version-
   JuniperSrx340 Version-
   JuniperSrx3400 Version-
   JuniperSrx345 Version-
   JuniperSrx3600 Version-
   JuniperSrx4100 Version-
   JuniperSrx4200 Version-
   JuniperSrx4600 Version-
   JuniperSrx5400 Version-
   JuniperSrx550 Version-
   JuniperSrx550 Hm Version-
   JuniperSrx5600 Version-
   JuniperSrx5800 Version-
   JuniperSrx650 Version-
   JuniperVsrx Version-
JuniperJunos Version15.1x49 Updated50
   JuniperCsrx Version-
   JuniperSrx100 Version-
   JuniperSrx110 Version-
   JuniperSrx1400 Version-
   JuniperSrx1500 Version-
   JuniperSrx210 Version-
   JuniperSrx220 Version-
   JuniperSrx240 Version-
   JuniperSrx300 Version-
   JuniperSrx320 Version-
   JuniperSrx340 Version-
   JuniperSrx3400 Version-
   JuniperSrx345 Version-
   JuniperSrx3600 Version-
   JuniperSrx4100 Version-
   JuniperSrx4200 Version-
   JuniperSrx4600 Version-
   JuniperSrx5400 Version-
   JuniperSrx550 Version-
   JuniperSrx550 Hm Version-
   JuniperSrx5600 Version-
   JuniperSrx5800 Version-
   JuniperSrx650 Version-
   JuniperVsrx Version-
JuniperJunos Version15.1x49 Updated55
   JuniperCsrx Version-
   JuniperSrx100 Version-
   JuniperSrx110 Version-
   JuniperSrx1400 Version-
   JuniperSrx1500 Version-
   JuniperSrx210 Version-
   JuniperSrx220 Version-
   JuniperSrx240 Version-
   JuniperSrx300 Version-
   JuniperSrx320 Version-
   JuniperSrx340 Version-
   JuniperSrx3400 Version-
   JuniperSrx345 Version-
   JuniperSrx3600 Version-
   JuniperSrx4100 Version-
   JuniperSrx4200 Version-
   JuniperSrx4600 Version-
   JuniperSrx5400 Version-
   JuniperSrx550 Version-
   JuniperSrx550 Hm Version-
   JuniperSrx5600 Version-
   JuniperSrx5800 Version-
   JuniperSrx650 Version-
   JuniperVsrx Version-
JuniperJunos Version15.1x49 Updated60
   JuniperCsrx Version-
   JuniperSrx100 Version-
   JuniperSrx110 Version-
   JuniperSrx1400 Version-
   JuniperSrx1500 Version-
   JuniperSrx210 Version-
   JuniperSrx220 Version-
   JuniperSrx240 Version-
   JuniperSrx300 Version-
   JuniperSrx320 Version-
   JuniperSrx340 Version-
   JuniperSrx3400 Version-
   JuniperSrx345 Version-
   JuniperSrx3600 Version-
   JuniperSrx4100 Version-
   JuniperSrx4200 Version-
   JuniperSrx4600 Version-
   JuniperSrx5400 Version-
   JuniperSrx550 Version-
   JuniperSrx550 Hm Version-
   JuniperSrx5600 Version-
   JuniperSrx5800 Version-
   JuniperSrx650 Version-
   JuniperVsrx Version-
JuniperJunos Version15.1x49 Updated65
   JuniperCsrx Version-
   JuniperSrx100 Version-
   JuniperSrx110 Version-
   JuniperSrx1400 Version-
   JuniperSrx1500 Version-
   JuniperSrx210 Version-
   JuniperSrx220 Version-
   JuniperSrx240 Version-
   JuniperSrx300 Version-
   JuniperSrx320 Version-
   JuniperSrx340 Version-
   JuniperSrx3400 Version-
   JuniperSrx345 Version-
   JuniperSrx3600 Version-
   JuniperSrx4100 Version-
   JuniperSrx4200 Version-
   JuniperSrx4600 Version-
   JuniperSrx5400 Version-
   JuniperSrx550 Version-
   JuniperSrx550 Hm Version-
   JuniperSrx5600 Version-
   JuniperSrx5800 Version-
   JuniperSrx650 Version-
   JuniperVsrx Version-
JuniperJunos Version15.1x49 Updated70
   JuniperCsrx Version-
   JuniperSrx100 Version-
   JuniperSrx110 Version-
   JuniperSrx1400 Version-
   JuniperSrx1500 Version-
   JuniperSrx210 Version-
   JuniperSrx220 Version-
   JuniperSrx240 Version-
   JuniperSrx300 Version-
   JuniperSrx320 Version-
   JuniperSrx340 Version-
   JuniperSrx3400 Version-
   JuniperSrx345 Version-
   JuniperSrx3600 Version-
   JuniperSrx4100 Version-
   JuniperSrx4200 Version-
   JuniperSrx4600 Version-
   JuniperSrx5400 Version-
   JuniperSrx550 Version-
   JuniperSrx550 Hm Version-
   JuniperSrx5600 Version-
   JuniperSrx5800 Version-
   JuniperSrx650 Version-
   JuniperVsrx Version-
JuniperJunos Version15.1x49 Updated75
   JuniperCsrx Version-
   JuniperSrx100 Version-
   JuniperSrx110 Version-
   JuniperSrx1400 Version-
   JuniperSrx1500 Version-
   JuniperSrx210 Version-
   JuniperSrx220 Version-
   JuniperSrx240 Version-
   JuniperSrx300 Version-
   JuniperSrx320 Version-
   JuniperSrx340 Version-
   JuniperSrx3400 Version-
   JuniperSrx345 Version-
   JuniperSrx3600 Version-
   JuniperSrx4100 Version-
   JuniperSrx4200 Version-
   JuniperSrx4600 Version-
   JuniperSrx5400 Version-
   JuniperSrx550 Version-
   JuniperSrx550 Hm Version-
   JuniperSrx5600 Version-
   JuniperSrx5800 Version-
   JuniperSrx650 Version-
   JuniperVsrx Version-
JuniperJunos Version15.1x49 Updated80
   JuniperCsrx Version-
   JuniperSrx100 Version-
   JuniperSrx110 Version-
   JuniperSrx1400 Version-
   JuniperSrx1500 Version-
   JuniperSrx210 Version-
   JuniperSrx220 Version-
   JuniperSrx240 Version-
   JuniperSrx300 Version-
   JuniperSrx320 Version-
   JuniperSrx340 Version-
   JuniperSrx3400 Version-
   JuniperSrx345 Version-
   JuniperSrx3600 Version-
   JuniperSrx4100 Version-
   JuniperSrx4200 Version-
   JuniperSrx4600 Version-
   JuniperSrx5400 Version-
   JuniperSrx550 Version-
   JuniperSrx550 Hm Version-
   JuniperSrx5600 Version-
   JuniperSrx5800 Version-
   JuniperSrx650 Version-
   JuniperVsrx Version-
JuniperJunos Version15.1x49 Updated90
   JuniperCsrx Version-
   JuniperSrx100 Version-
   JuniperSrx110 Version-
   JuniperSrx1400 Version-
   JuniperSrx1500 Version-
   JuniperSrx210 Version-
   JuniperSrx220 Version-
   JuniperSrx240 Version-
   JuniperSrx300 Version-
   JuniperSrx320 Version-
   JuniperSrx340 Version-
   JuniperSrx3400 Version-
   JuniperSrx345 Version-
   JuniperSrx3600 Version-
   JuniperSrx4100 Version-
   JuniperSrx4200 Version-
   JuniperSrx4600 Version-
   JuniperSrx5400 Version-
   JuniperSrx550 Version-
   JuniperSrx550 Hm Version-
   JuniperSrx5600 Version-
   JuniperSrx5800 Version-
   JuniperSrx650 Version-
   JuniperVsrx Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.08% 0.209
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.4 2.2 5.2
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
nvd@nist.gov 5.8 8.6 4.9
AV:N/AC:M/Au:N/C:P/I:P/A:N
sirt@juniper.net 6.8 1.6 5.2
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
CWE-295 Improper Certificate Validation

The product does not validate, or incorrectly validates, a certificate.

CWE-300 Channel Accessible by Non-Endpoint

The product does not adequately verify the identity of actors at both ends of a communication channel, or does not adequately ensure the integrity of the channel, in a way that allows the channel to be accessed or influenced by an actor that is not an endpoint.