Details of VAR-201904-1496

ID

VAR-201904-1496

CVE

CVE-2019-0034

TITLE

Juniper Junos CVE-2019-0034 Hardcoded Credentials Security Bypass Vulnerability

Trust: 0.3

sources: BID: 107877

DESCRIPTION

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a vulnerability. Notes: Google gRPC credentials were found which existed for specific internal product testing purposes which are not used as part of production releases of Junos OS. Hence this is not a vulnerability and this CVE ID assignment has been withdrawn. Juniper Junos is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks

Trust: 1.26

sources: NVD: CVE-2019-0034 // BID: 107877 // VULHUB: VHN-140065

AFFECTED PRODUCTS

vendor:	juniper	model:	junos 18.3r1-s2	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 18.3r1-s1	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 18.3r1	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 18.2x75-d5	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 18.2x75-d30	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 18.2x75-d20	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 18.2x75-d10	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos	scope:	eq	version:	18.2x75	Trust: 0.3
vendor:	juniper	model:	junos 18.2r2	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 18.2r1-s4	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 18.2r1-s3	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 18.2r1	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 18.1r3-s2	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 18.1r3-s1	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 18.1r3	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 18.1r2-s3	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 18.1r2-s2	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 18.1r2-s1	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 18.1r2	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 17.4r2-s2	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 17.4r2-s1	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 17.4r2	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 17.4r1-s5	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 17.4r1-s4	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 17.4r1-s1	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 17.4r1	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 17.3r3-s2	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 17.3r3-s1	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 17.3r3	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 17.2r3	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 17.2r1-s7	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 17.2r1-s5	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 17.2r1-s3	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 17.2r1-s1	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 17.2r1	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 17.1r2-s9	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 17.1r2-s6	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 17.1r2-s5	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 17.1r2-s4	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 17.1r2-s3	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 17.1r2-s2	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 17.1r2	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 16.1r7-s3	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 16.1r7-s2	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 16.1r7-s1	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 16.1r7	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 16.1r3-s9	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 16.1r3-s8	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 16.1r3-s6	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 16.1r3-s4	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 16.1r3-s3	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 16.1r3	scope:	-	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 18.3r1-s3	scope:	ne	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 18.2x75-d40	scope:	ne	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 18.2r2-s1	scope:	ne	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 18.2r1-s5	scope:	ne	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 18.1r3-s3	scope:	ne	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 18.1r2-s4	scope:	ne	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 17.4r2-s3	scope:	ne	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 17.4r1-s6	scope:	ne	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 17.3r3-s3	scope:	ne	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 17.2r3-s1	scope:	ne	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 17.2r1-s8	scope:	ne	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 17.1r3	scope:	ne	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 17.1r2-s10	scope:	ne	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 16.1r7-s4	scope:	ne	version:	-	Trust: 0.3
vendor:	juniper	model:	junos 16.1r3-s10	scope:	ne	version:	-	Trust: 0.3

sources: BID: 107877

PROBLEMTYPE DATA

problemtype:

CWE-798

Trust: 0.1

sources: VULHUB: VHN-140065

THREAT TYPE

network

Trust: 0.3

sources: BID: 107877

TYPE

Configuration Error

Trust: 0.3

sources: BID: 107877

EXTERNAL IDS

db:	NVD	id:	CVE-2019-0034	Trust: 1.4
db:	JUNIPER	id:	JSA10923	Trust: 0.4
db:	BID	id:	107877	Trust: 0.4
db:	VULHUB	id:	VHN-140065	Trust: 0.1

sources: VULHUB: VHN-140065 // BID: 107877 // NVD: CVE-2019-0034

REFERENCES

url:	http://www.juniper.net/	Trust: 0.3
url:	http://www.juniper.net/us/en/products-services/nos/junos/	Trust: 0.3
url:	https://kb.juniper.net/infocenter/index?page=content&id=jsa10923&actp=rss 2019-04	Trust: 0.3
url:	http://www.securityfocus.com/bid/107877	Trust: 0.1
url:	https://kb.juniper.net/jsa10923	Trust: 0.1
url:	https://www.juniper.net/documentation/en_us/junos/topics/concept/junos-telemetry-interface-oveview.html	Trust: 0.1
url:	https://www.juniper.net/documentation/en_us/junos/topics/task/configuration/grpc-junos-telemetry-interface-configuring.html	Trust: 0.1
url:	https://www.juniper.net/documentation/en_us/junos/topics/task/installation/network-agent-installing.html	Trust: 0.1

sources: VULHUB: VHN-140065 // BID: 107877

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 107877

SOURCES

db:	VULHUB	id:	VHN-140065
db:	BID	id:	107877
db:	NVD	id:	CVE-2019-0034

LAST UPDATE DATE

2024-08-14T14:51:14.537000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-140065	date:	2019-04-15T00:00:00
db:	BID	id:	107877	date:	2019-04-10T00:00:00
db:	NVD	id:	CVE-2019-0034	date:	2023-11-07T03:01:40.110

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-140065	date:	2019-04-10T00:00:00
db:	BID	id:	107877	date:	2019-04-10T00:00:00
db:	NVD	id:	CVE-2019-0034	date:	2019-04-10T20:29:00.630