CVE-2019-0073: Junos OS: PKI key pairs are exported with insecure file permissions

First published: Wed Oct 09 2019(Updated: )

The PKI keys exported using the command "run request security pki key-pair export" on Junos OS may have insecure file permissions. This may allow another user on the Junos OS device with shell access to read them. This issue affects: Juniper Networks Junos OS 15.1X49 versions prior to 15.1X49-D180; 17.3 versions prior to 17.3R3-S7; 17.4 versions prior to 17.4R2-S8, 17.4R3; 18.1 versions prior to 18.1R3-S8; 18.2 versions prior to 18.2R3; 18.3 versions prior to 18.3R2; 18.4 versions prior to 18.4R2.

Credit: sirt@juniper.net

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• collector/nvd-index
• agent/type
• agent/weakness
• agent/softwarecombine
• collector/mitre-cve
• source/MITRE
• agent/references
• agent/remedy
• agent/severity
• agent/author
• agent/title
• agent/last-modified-date
• agent/tags
• agent/description
• agent/first-publish-date
• agent/event
• vendor/juniper
• canonical/juniper junos
• version/juniper junos/15.1x49
• version/juniper junos/15.1x49-d10
• version/juniper junos/15.1x49-d100
• version/juniper junos/15.1x49-d110
• version/juniper junos/15.1x49-d120
• version/juniper junos/15.1x49-d130
• version/juniper junos/15.1x49-d140
• version/juniper junos/15.1x49-d150
• version/juniper junos/15.1x49-d160
• version/juniper junos/15.1x49-d170
• version/juniper junos/15.1x49-d20
• version/juniper junos/15.1x49-d30
• version/juniper junos/15.1x49-d35
• version/juniper junos/15.1x49-d40
• version/juniper junos/15.1x49-d45
• version/juniper junos/15.1x49-d50
• version/juniper junos/15.1x49-d55
• version/juniper junos/15.1x49-d60
• version/juniper junos/15.1x49-d65
• version/juniper junos/15.1x49-d70
• version/juniper junos/15.1x49-d75
• version/juniper junos/15.1x49-d80
• version/juniper junos/15.1x49-d90
• version/juniper junos/17.3
• version/juniper junos/17.3-r1
• version/juniper junos/17.3-r2
• version/juniper junos/17.3-r2-s1
• version/juniper junos/17.3-r2-s2
• version/juniper junos/17.3-r3
• version/juniper junos/17.3-r3-s1
• version/juniper junos/17.3-r3-s2
• version/juniper junos/17.3-r3-s3
• version/juniper junos/17.3-r3-s4
• version/juniper junos/17.3-r3-s5
• version/juniper junos/17.3-r3-s6
• version/juniper junos/17.4
• version/juniper junos/17.4-r1
• version/juniper junos/17.4-r1-s1
• version/juniper junos/17.4-r1-s2
• version/juniper junos/17.4-r1-s4
• version/juniper junos/17.4-r1-s6
• version/juniper junos/17.4-r1-s7
• version/juniper junos/17.4-r2
• version/juniper junos/17.4-r2-s1
• version/juniper junos/17.4-r2-s3
• version/juniper junos/17.4-r2-s4
• version/juniper junos/17.4-r2-s5
• version/juniper junos/17.4-r2-s6
• version/juniper junos/17.4-r2-s7
• version/juniper junos/18.1
• version/juniper junos/18.1-r2
• version/juniper junos/18.1-r2-s1
• version/juniper junos/18.1-r2-s2
• version/juniper junos/18.1-r2-s4
• version/juniper junos/18.1-r3
• version/juniper junos/18.1-r3-s2
• version/juniper junos/18.1-r3-s3
• version/juniper junos/18.1-r3-s4
• version/juniper junos/18.1-r3-s5
• version/juniper junos/18.1-r3-s6
• version/juniper junos/18.1-r3-s7
• version/juniper junos/18.2
• version/juniper junos/18.2-r1-s5
• version/juniper junos/18.2-r2
• version/juniper junos/18.2-r2-s1
• version/juniper junos/18.2-r2-s2
• version/juniper junos/18.2-r2-s3
• version/juniper junos/18.2-r2-s4
• version/juniper junos/18.3
• version/juniper junos/18.3-r1
• version/juniper junos/18.3-r1-s1
• version/juniper junos/18.3-r1-s2
• version/juniper junos/18.3-r1-s3
• version/juniper junos/18.4
• version/juniper junos/18.4-r1
• version/juniper junos/18.4-r1-s2