Vulnerability Database

291,049

Total vulnerabilities in the database

CVE-2019-0074

A path traversal vulnerability in NFX150 Series and QFX10K Series, EX9200 Series, MX Series and PTX Series devices with Next-Generation Routing Engine (NG-RE) allows a local authenticated user to read sensitive system files. This issue only affects NFX150 Series and QFX10K Series, EX9200 Series, MX Series and PTX Series with Next-Generation Routing Engine (NG-RE) which uses vmhost. This issue affects Juniper Networks Junos OS on NFX150 Series and QFX10K, EX9200 Series, MX Series and PTX Series with NG-RE and vmhost: 15.1F versions prior to 15.1F6-S12 16.1 versions starting from 16.1R6 and later releases, including the Service Releases, prior to 16.1R6-S6, 16.1R7-S3; 17.1 versions prior to 17.1R3; 17.2 versions starting from 17.2R1-S3, 17.2R3 and later releases, including the Service Releases, prior to 17.2R3-S1; 17.3 versions starting from 17.3R1-S1, 17.3R2 and later releases, including the Service Releases, prior to 17.3R3-S3; 17.4 versions starting from 17.4R1 and later releases, including the Service Releases, prior to 17.4R1-S6, 17.4R2-S2, 17.4R3; 18.1 versions prior to 18.1R2-S4, 18.1R3-S3; 18.2 versions prior to 18.2R2; 18.2X75 versions prior to 18.2X75-D40; 18.3 versions prior to 18.3R1-S2, 18.3R2; 18.4 versions prior to 18.4R1-S1, 18.4R2. This issue does not affect: Juniper Networks Junos OS 15.1 and 16.2.

  • Published: Oct 9, 2019
  • Updated: Apr 13, 2023
  • CVE: CVE-2019-0074
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 5.5
  • AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVSS v2:

  • Severity: Low
  • Score: 2.1
  • AV:L/AC:L/Au:N/C:P/I:N/A:N

CWEs:

OWASP TOP 10:

Software From Fixed in
juniper / junos 15.1-f1 15.1-f1.x
juniper / junos 15.1-f2-s3 15.1-f2-s3.x
juniper / junos 15.1-f2-s2 15.1-f2-s2.x
juniper / junos 15.1-f4 15.1-f4.x
juniper / junos 15.1-f2-s4 15.1-f2-s4.x
juniper / junos 15.1-f6 15.1-f6.x
juniper / junos 15.1-f2 15.1-f2.x
juniper / junos 15.1-f3 15.1-f3.x
juniper / junos 15.1-f2-s1 15.1-f2-s1.x
juniper / junos 15.1-f5 15.1-f5.x
juniper / junos 15.1-f6-s3 15.1-f6-s3.x
juniper / junos 16.1-r6 16.1-r6.x
juniper / junos 16.1-r6-s1 16.1-r6-s1.x
juniper / junos 16.1-r7 16.1-r7.x
juniper / junos 17.1-r1 17.1-r1.x
juniper / junos 17.1-r2-s7 17.1-r2-s7.x
juniper / junos 17.1-r2-s1 17.1-r2-s1.x
juniper / junos 17.1-r2-s2 17.1-r2-s2.x
juniper / junos 17.1-r2-s3 17.1-r2-s3.x
juniper / junos 17.1-r2-s4 17.1-r2-s4.x
juniper / junos 17.1-r2-s5 17.1-r2-s5.x
juniper / junos 17.1-r2-s6 17.1-r2-s6.x
juniper / junos 17.1 17.1.x
juniper / junos 17.1-r2-s10 17.1-r2-s10.x
juniper / junos 17.2-r1-s2 17.2-r1-s2.x
juniper / junos 17.2-r2-s6 17.2-r2-s6.x
juniper / junos 17.2-r1-s7 17.2-r1-s7.x
juniper / junos 17.2-r1-s4 17.2-r1-s4.x
juniper / junos 17.2 17.2.x
juniper / junos 17.2-r2-s7 17.2-r2-s7.x
juniper / junos 17.2-r1-s8 17.2-r1-s8.x
juniper / junos 17.3-r2 17.3-r2.x
juniper / junos 17.3-r2-s2 17.3-r2-s2.x
juniper / junos 17.3-r3 17.3-r3.x
juniper / junos 17.3-r2-s1 17.3-r2-s1.x
juniper / junos 17.3-r1-s1 17.3-r1-s1.x
juniper / junos 17.4-r1 17.4-r1.x
juniper / junos 17.4-r2 17.4-r2.x
juniper / junos 17.4-r1-s1 17.4-r1-s1.x
juniper / junos 17.4-r1-s2 17.4-r1-s2.x
juniper / junos 17.4-r2-s1 17.4-r2-s1.x
juniper / junos 17.4-r1-s7 17.4-r1-s7.x
juniper / junos 17.4-r1-s4 17.4-r1-s4.x
juniper / junos 18.1-r3 18.1-r3.x
juniper / junos 18.1-r2 18.1-r2.x
juniper / junos 18.1-r2-s2 18.1-r2-s2.x
juniper / junos 18.1-r3-s2 18.1-r3-s2.x
juniper / junos 18.1 18.1.x
juniper / junos 18.1-r2-s1 18.1-r2-s1.x
juniper / junos 18.2 18.2.x
juniper / junos 18.2-r1-s5 18.2-r1-s5.x
juniper / junos 18.2x75 18.2x75.x
juniper / junos 18.2x75-d20 18.2x75-d20.x
juniper / junos 18.3-r1-s1 18.3-r1-s1.x
juniper / junos 18.3-r1 18.3-r1.x
juniper / junos 18.3 18.3.x
juniper / junos 18.3-r1-s3 18.3-r1-s3.x
juniper / junos 18.4-r1 18.4-r1.x
juniper / junos 18.4 18.4.x
juniper / junos 18.4-r1-s2 18.4-r1-s2.x