CVE-2020-1619

EPSS 0.04%
Veröffentlicht 08.04.2020 20:15:13
Zuletzt bearbeitet 21.11.2024 05:11:00
Quelle sirt@juniper.net
Teams Watchlist Login
Unerledigt Login

A privilege escalation vulnerability in Juniper Networks QFX10K Series, EX9200 Series, MX Series, and PTX Series with Next-Generation Routing Engine (NG-RE), allows a local authenticated high privileged user to access the underlying WRL host. This issue only affects QFX10K Series with NG-RE, EX9200 Series with NG-RE, MX Series with NG-RE and PTX Series with NG-RE; which uses vmhost. This issue affects Juniper Networks Junos OS: 16.1 versions prior to 16.1R7-S6; 16.2 versions prior to 16.2R2-S11; 17.1 versions prior to 17.1R2-S11, 17.1R3; 17.2 versions prior to 17.2R1-S9, 17.2R3-S3; 17.3 versions prior to 17.3R2-S5, 17.3R3-S7; 17.4 versions prior to 17.4R2-S7, 17.4R3; 18.1 versions prior to 18.1R3-S4; 18.2 versions prior to 18.2R3; 18.2X75 versions prior to 18.2X75-D50; 18.3 versions prior to 18.3R2; 18.4 versions prior to 18.4R2. To identify whether the device has NG-RE with vmhost, customer can run the following command: > show vmhost status Compute cluster: rainier-re-cc Compute Node: rainier-re-cn, Online If the "show vmhost status" is not supported, then the device does not have NG-RE with vmhost.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Juniper ≫ Junos Version16.1 Update-

Juniper ≫ Junos Version16.1 Updater1

Juniper ≫ Junos Version16.1 Updater2

Juniper ≫ Junos Version16.1 Updater3

Juniper ≫ Junos Version16.1 Updater3-s10

Juniper ≫ Junos Version16.1 Updater3-s11

Juniper ≫ Junos Version16.1 Updater4

Juniper ≫ Junos Version16.1 Updater4-s12

Juniper ≫ Junos Version16.1 Updater4-s2

Juniper ≫ Junos Version16.1 Updater4-s3

Juniper ≫ Junos Version16.1 Updater4-s4

Juniper ≫ Junos Version16.1 Updater4-s6

Juniper ≫ Junos Version16.1 Updater5

Juniper ≫ Junos Version16.1 Updater5-s4

Juniper ≫ Junos Version16.1 Updater6-s1

Juniper ≫ Junos Version16.1 Updater6-s6

Juniper ≫ Junos Version16.1 Updater7

Juniper ≫ Junos Version16.1 Updater7-s2

Juniper ≫ Junos Version16.1 Updater7-s3

Juniper ≫ Junos Version16.1 Updater7-s4

Juniper ≫ Junos Version16.1 Updater7-s5

Juniper ≫ Junos Version16.2 Update-

Juniper ≫ Junos Version16.2 Updater1

Juniper ≫ Junos Version16.2 Updater2

Juniper ≫ Junos Version16.2 Updater2-s1

Juniper ≫ Junos Version16.2 Updater2-s10

Juniper ≫ Junos Version16.2 Updater2-s2

Juniper ≫ Junos Version16.2 Updater2-s5

Juniper ≫ Junos Version16.2 Updater2-s6

Juniper ≫ Junos Version16.2 Updater2-s7

Juniper ≫ Junos Version16.2 Updater2-s8

Juniper ≫ Junos Version16.2 Updater2-s9

Juniper ≫ Junos Version17.1 Update-

Juniper ≫ Junos Version17.1 Updater1

Juniper ≫ Junos Version17.1 Updater2

Juniper ≫ Junos Version17.1 Updater2-s1

Juniper ≫ Junos Version17.1 Updater2-s10

Juniper ≫ Junos Version17.1 Updater2-s2

Juniper ≫ Junos Version17.1 Updater2-s3

Juniper ≫ Junos Version17.1 Updater2-s4

Juniper ≫ Junos Version17.1 Updater2-s5

Juniper ≫ Junos Version17.1 Updater2-s6

Juniper ≫ Junos Version17.1 Updater2-s7

Juniper ≫ Junos Version17.1 Updater2-s8

Juniper ≫ Junos Version17.1 Updater2-s9

Juniper ≫ Junos Version17.2 Update-

Juniper ≫ Junos Version17.2 Updater1

Juniper ≫ Junos Version17.2 Updater1-s1

Juniper ≫ Junos Version17.2 Updater1-s2

Juniper ≫ Junos Version17.2 Updater1-s3

Juniper ≫ Junos Version17.2 Updater1-s4

Juniper ≫ Junos Version17.2 Updater1-s5

Juniper ≫ Junos Version17.2 Updater1-s7

Juniper ≫ Junos Version17.2 Updater1-s8

Juniper ≫ Junos Version17.2 Updater2

Juniper ≫ Junos Version17.2 Updater2-s6

Juniper ≫ Junos Version17.2 Updater2-s7

Juniper ≫ Junos Version17.2 Updater3

Juniper ≫ Junos Version17.2 Updater3-s1

Juniper ≫ Junos Version17.2 Updater3-s2

Juniper ≫ Junos Version17.3 Update-

Juniper ≫ Junos Version17.3 Updater1-s1

Juniper ≫ Junos Version17.3 Updater2

Juniper ≫ Junos Version17.3 Updater2-s1

Juniper ≫ Junos Version17.3 Updater2-s2

Juniper ≫ Junos Version17.3 Updater2-s3

Juniper ≫ Junos Version17.3 Updater2-s4

Juniper ≫ Junos Version17.3 Updater3 Edition-

Juniper ≫ Junos Version17.3 Updater3-s1

Juniper ≫ Junos Version17.3 Updater3-s2

Juniper ≫ Junos Version17.3 Updater3-s3

Juniper ≫ Junos Version17.3 Updater3-s4

Juniper ≫ Junos Version17.3 Updater3-s5

Juniper ≫ Junos Version17.3 Updater3-s6

Juniper ≫ Junos Version17.4 Update-

Juniper ≫ Junos Version17.4 Updater1

Juniper ≫ Junos Version17.4 Updater1-s1

Juniper ≫ Junos Version17.4 Updater1-s2

Juniper ≫ Junos Version17.4 Updater1-s4

Juniper ≫ Junos Version17.4 Updater1-s5

Juniper ≫ Junos Version17.4 Updater1-s6

Juniper ≫ Junos Version17.4 Updater1-s7

Juniper ≫ Junos Version17.4 Updater2

Juniper ≫ Junos Version17.4 Updater2-s1

Juniper ≫ Junos Version17.4 Updater2-s2

Juniper ≫ Junos Version17.4 Updater2-s3

Juniper ≫ Junos Version17.4 Updater2-s4

Juniper ≫ Junos Version17.4 Updater2-s5

Juniper ≫ Junos Version17.4 Updater2-s6

Juniper ≫ Junos Version18.1 Update-

Juniper ≫ Junos Version18.1 Updater2

Juniper ≫ Junos Version18.1 Updater2-s1

Juniper ≫ Junos Version18.1 Updater2-s2

Juniper ≫ Junos Version18.1 Updater2-s4

Juniper ≫ Junos Version18.1 Updater3

Juniper ≫ Junos Version18.1 Updater3-s1

Juniper ≫ Junos Version18.1 Updater3-s2

Juniper ≫ Junos Version18.1 Updater3-s3

Juniper ≫ Junos Version18.2 Update-

Juniper ≫ Junos Version18.2 Updater1 Edition-

Juniper ≫ Junos Version18.2 Updater1-s3

Juniper ≫ Junos Version18.2 Updater1-s5

Juniper ≫ Junos Version18.2 Updater2-s1

Juniper ≫ Junos Version18.2 Updater2-s2

Juniper ≫ Junos Version18.2 Updater2-s3

Juniper ≫ Junos Version18.2 Updater2-s4

Juniper ≫ Junos Version18.2 Updater2-s5

Juniper ≫ Junos Version18.2 Updater2-s6

Juniper ≫ Junos Version18.2x75 Update-

Juniper ≫ Junos Version18.2x75 Updated20

Juniper ≫ Junos Version18.2x75 Updated30

Juniper ≫ Junos Version18.2x75 Updated40

Juniper ≫ Junos Version18.3 Update-

Juniper ≫ Junos Version18.3 Updater1

Juniper ≫ Junos Version18.3 Updater1-s1

Juniper ≫ Junos Version18.3 Updater1-s2

Juniper ≫ Junos Version18.3 Updater1-s3

Juniper ≫ Junos Version18.3 Updater1-s5

Juniper ≫ Junos Version18.4 Update-

Juniper ≫ Junos Version18.4 Updater1

Juniper ≫ Junos Version18.4 Updater1-s1

Juniper ≫ Junos Version18.4 Updater1-s2

Juniper ≫ Junos Version18.4 Updater1-s5

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.084

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.7	0.8	5.9	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P
sirt@juniper.net	6	0.8	5.2	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

https://kb.juniper.net/JSA11002

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2020-1619

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2020-1619

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2020-1619

EUVD