CVE-2020-1688: Junos OS: SRX and NFX Series: Insufficient Web API private key protection
First published: Fri Oct 16 2020(Updated: )
On Juniper Networks SRX Series and NFX Series, a local authenticated user with access to the shell may obtain the Web API service private key that is used to provide encrypted communication between the Juniper device and the authenticator services. Exploitation of this vulnerability may allow an attacker to decrypt the communications between the Juniper device and the authenticator service. This Web API service is used for authentication services such as the Juniper Identity Management Service, used to obtain user identity for Integrated User Firewall feature, or the integrated ClearPass authentication and enforcement feature. This issue affects Juniper Networks Junos OS on Networks SRX Series and NFX Series: 12.3X48 versions prior to 12.3X48-D105; 15.1X49 versions prior to 15.1X49-D190; 16.1 versions prior to 16.1R7-S8; 17.2 versions prior to 17.2R3-S4; 17.3 versions prior to 17.3R3-S8; 17.4 versions prior to 17.4R2-S11, 17.4R3; 18.1 versions prior to 18.1R3-S7; 18.2 versions prior to 18.2R3; 18.3 versions prior to 18.3R2-S4, 18.3R3; 18.4 versions prior to 18.4R1-S7, 18.4R2; 19.1 versions prior to 19.1R2; 19.2 versions prior to 19.2R1-S4, 19.2R2.
Credit: sirt@juniper.net
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Junos OS Evolved | =12.3x48 | |
| Junos OS Evolved | =12.3x48-d10 | |
| Junos OS Evolved | =12.3x48-d100 | |
| Junos OS Evolved | =12.3x48-d15 | |
| Junos OS Evolved | =12.3x48-d20 | |
| Junos OS Evolved | =12.3x48-d25 | |
| Junos OS Evolved | =12.3x48-d30 | |
| Junos OS Evolved | =12.3x48-d35 | |
| Junos OS Evolved | =12.3x48-d40 | |
| Junos OS Evolved | =12.3x48-d45 | |
| Junos OS Evolved | =12.3x48-d50 | |
| Junos OS Evolved | =12.3x48-d51 | |
| Junos OS Evolved | =12.3x48-d55 | |
| Junos OS Evolved | =12.3x48-d60 | |
| Junos OS Evolved | =12.3x48-d65 | |
| Junos OS Evolved | =12.3x48-d70 | |
| Junos OS Evolved | =12.3x48-d75 | |
| Junos OS Evolved | =12.3x48-d80 | |
| Junos OS Evolved | =12.3x48-d90 | |
| Junos OS Evolved | =12.3x48-d95 | |
| Junos OS Evolved | =15.1x49 | |
| Junos OS Evolved | =15.1x49-d10 | |
| Junos OS Evolved | =15.1x49-d100 | |
| Junos OS Evolved | =15.1x49-d110 | |
| Junos OS Evolved | =15.1x49-d120 | |
| Junos OS Evolved | =15.1x49-d130 | |
| Junos OS Evolved | =15.1x49-d140 | |
| Junos OS Evolved | =15.1x49-d15 | |
| Junos OS Evolved | =15.1x49-d150 | |
| Junos OS Evolved | =15.1x49-d160 | |
| Junos OS Evolved | =15.1x49-d170 | |
| Junos OS Evolved | =15.1x49-d180 | |
| Junos OS Evolved | =15.1x49-d20 | |
| Junos OS Evolved | =15.1x49-d25 | |
| Junos OS Evolved | =15.1x49-d30 | |
| Junos OS Evolved | =15.1x49-d35 | |
| Junos OS Evolved | =15.1x49-d40 | |
| Junos OS Evolved | =15.1x49-d45 | |
| Junos OS Evolved | =15.1x49-d50 | |
| Junos OS Evolved | =15.1x49-d55 | |
| Junos OS Evolved | =15.1x49-d60 | |
| Junos OS Evolved | =15.1x49-d65 | |
| Junos OS Evolved | =15.1x49-d70 | |
| Junos OS Evolved | =15.1x49-d75 | |
| Junos OS Evolved | =15.1x49-d80 | |
| Junos OS Evolved | =15.1x49-d90 | |
| Junos OS Evolved | =16.1 | |
| Junos OS Evolved | =16.1-r1 | |
| Junos OS Evolved | =16.1-r2 | |
| Junos OS Evolved | =16.1-r3 | |
| Junos OS Evolved | =16.1-r3-s10 | |
| Junos OS Evolved | =16.1-r3-s11 | |
| Junos OS Evolved | =16.1-r4 | |
| Junos OS Evolved | =16.1-r4-s12 | |
| Junos OS Evolved | =16.1-r4-s2 | |
| Junos OS Evolved | =16.1-r4-s3 | |
| Junos OS Evolved | =16.1-r4-s4 | |
| Junos OS Evolved | =16.1-r4-s6 | |
| Junos OS Evolved | =16.1-r5 | |
| Junos OS Evolved | =16.1-r5-s4 | |
| Junos OS Evolved | =16.1-r6-s1 | |
| Junos OS Evolved | =16.1-r6-s6 | |
| Junos OS Evolved | =16.1-r7 | |
| Junos OS Evolved | =16.1-r7-s2 | |
| Junos OS Evolved | =16.1-r7-s3 | |
| Junos OS Evolved | =16.1-r7-s4 | |
| Junos OS Evolved | =16.1-r7-s5 | |
| Junos OS Evolved | =16.1-r7-s6 | |
| Junos OS Evolved | =16.1-r7-s7 | |
| Junos OS Evolved | =17.2 | |
| Junos OS Evolved | =17.2-r1 | |
| Junos OS Evolved | =17.2-r1-s1 | |
| Junos OS Evolved | =17.2-r1-s2 | |
| Junos OS Evolved | =17.2-r1-s3 | |
| Junos OS Evolved | =17.2-r1-s4 | |
| Junos OS Evolved | =17.2-r1-s5 | |
| Junos OS Evolved | =17.2-r1-s7 | |
| Junos OS Evolved | =17.2-r1-s8 | |
| Junos OS Evolved | =17.2-r2 | |
| Junos OS Evolved | =17.2-r2-s11 | |
| Junos OS Evolved | =17.2-r2-s6 | |
| Junos OS Evolved | =17.2-r2-s7 | |
| Junos OS Evolved | =17.2-r3-s1 | |
| Junos OS Evolved | =17.2-r3-s2 | |
| Junos OS Evolved | =17.2-r3-s3 | |
| Junos OS Evolved | =17.3 | |
| Junos OS Evolved | =17.3-r1-s1 | |
| Junos OS Evolved | =17.3-r2 | |
| Junos OS Evolved | =17.3-r2-s1 | |
| Junos OS Evolved | =17.3-r2-s2 | |
| Junos OS Evolved | =17.3-r2-s3 | |
| Junos OS Evolved | =17.3-r2-s4 | |
| Junos OS Evolved | =17.3-r2-s5 | |
| Junos OS Evolved | =17.3-r3 | |
| Junos OS Evolved | =17.3-r3-s1 | |
| Junos OS Evolved | =17.3-r3-s2 | |
| Junos OS Evolved | =17.3-r3-s3 | |
| Junos OS Evolved | =17.3-r3-s4 | |
| Junos OS Evolved | =17.3-r3-s7 | |
| Junos OS Evolved | =17.4 | |
| Junos OS Evolved | =17.4-r1 | |
| Junos OS Evolved | =17.4-r1-s1 | |
| Junos OS Evolved | =17.4-r1-s2 | |
| Junos OS Evolved | =17.4-r1-s4 | |
| Junos OS Evolved | =17.4-r1-s5 | |
| Junos OS Evolved | =17.4-r1-s6 | |
| Junos OS Evolved | =17.4-r1-s7 | |
| Junos OS Evolved | =17.4-r2 | |
| Junos OS Evolved | =17.4-r2-s1 | |
| Junos OS Evolved | =17.4-r2-s10 | |
| Junos OS Evolved | =17.4-r2-s2 | |
| Junos OS Evolved | =17.4-r2-s3 | |
| Junos OS Evolved | =17.4-r2-s4 | |
| Junos OS Evolved | =17.4-r2-s5 | |
| Junos OS Evolved | =17.4-r2-s6 | |
| Junos OS Evolved | =17.4-r2-s7 | |
| Junos OS Evolved | =17.4-r2-s8 | |
| Junos OS Evolved | =17.4-r2-s9 | |
| Junos OS Evolved | =18.1 | |
| Junos OS Evolved | =18.1-r1 | |
| Junos OS Evolved | =18.1-r2 | |
| Junos OS Evolved | =18.1-r2-s1 | |
| Junos OS Evolved | =18.1-r2-s2 | |
| Junos OS Evolved | =18.1-r2-s4 | |
| Junos OS Evolved | =18.1-r3 | |
| Junos OS Evolved | =18.1-r3-s1 | |
| Junos OS Evolved | =18.1-r3-s2 | |
| Junos OS Evolved | =18.1-r3-s3 | |
| Junos OS Evolved | =18.1-r3-s4 | |
| Junos OS Evolved | =18.1-r3-s6 | |
| Junos OS Evolved | =18.2 | |
| Junos OS Evolved | =18.2-r1 | |
| Junos OS Evolved | =18.2-r1 | |
| Junos OS Evolved | =18.2-r1-s3 | |
| Junos OS Evolved | =18.2-r1-s4 | |
| Junos OS Evolved | =18.2-r1-s5 | |
| Junos OS Evolved | =18.2-r2 | |
| Junos OS Evolved | =18.2-r2-s1 | |
| Junos OS Evolved | =18.2-r2-s2 | |
| Junos OS Evolved | =18.2-r2-s3 | |
| Junos OS Evolved | =18.2-r2-s4 | |
| Junos OS Evolved | =18.2-r2-s5 | |
| Junos OS Evolved | =18.2-r2-s6 | |
| Junos OS Evolved | =18.3 | |
| Junos OS Evolved | =18.3-r1 | |
| Junos OS Evolved | =18.3-r1-s1 | |
| Junos OS Evolved | =18.3-r1-s2 | |
| Junos OS Evolved | =18.3-r1-s3 | |
| Junos OS Evolved | =18.3-r1-s5 | |
| Junos OS Evolved | =18.3-r1-s6 | |
| Junos OS Evolved | =18.3-r2 | |
| Junos OS Evolved | =18.3-r2-s1 | |
| Junos OS Evolved | =18.3-r2-s2 | |
| Junos OS Evolved | =18.3-r2-s3 | |
| Junos OS Evolved | =18.4 | |
| Junos OS Evolved | =18.4-r1 | |
| Junos OS Evolved | =18.4-r1-s1 | |
| Junos OS Evolved | =18.4-r1-s2 | |
| Junos OS Evolved | =18.4-r1-s5 | |
| Junos OS Evolved | =18.4-r1-s6 | |
| Junos OS Evolved | =19.1 | |
| Junos OS Evolved | =19.1-r1 | |
| Junos OS Evolved | =19.1-r1-s1 | |
| Junos OS Evolved | =19.1-r1-s2 | |
| Junos OS Evolved | =19.1-r1-s3 | |
| Junos OS Evolved | =19.1-r1-s4 | |
| Junos OS Evolved | =19.2 | |
| Junos OS Evolved | =19.2-r1 | |
| Junos OS Evolved | =19.2-r1-s1 | |
| Junos OS Evolved | =19.2-r1-s2 | |
| Junos OS Evolved | =19.2-r1-s3 | |
| Juniper NFX | ||
| Juniper NFX | ||
| Juniper NFX Series | ||
| Juniper SRX1500 | ||
| Juniper SRX300 | ||
| Juniper SRX320 | ||
| Juniper SRX340 | ||
| Juniper SRX345 | ||
| Juniper SRX380 | ||
| Juniper SRX4100 | ||
| Juniper SRX4200 | ||
| Juniper SRX4600 | ||
| Juniper SRX5400 | ||
| Juniper SRX550 | ||
| Juniper SRX5600 | ||
| Juniper SRX5800 |
Remedy
The following software releases have been updated to resolve this specific issue: Junos OS 12.3X48-D105, 15.1X49-D190, 16.1R7-S8, 17.2R3-S4, 17.3R3-S8, 17.4R2-S11, 17.4R3, 18.1R3-S7, 18.2R3, 18.3R2-S4, 18.3R3, 18.4R1-S7, 18.4R2, 18.4R3, 19.1R2, 19.2R1-S4, 19.2R2, 19.3R1, and all subsequent releases.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://kb.juniper.net/InfoCenter/index?page=content&id=KB30911
- https://kb.juniper.net/JSA11085
- https://www.juniper.net/documentation/en_US/junos/topics/reference/configuration-statement/services-webapi-user-cli.html
- https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-user-auth-configure-jims.html
- https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-user-auth-intergrated-user-firewall-overview.html
Frequently Asked Questions
What is the severity of CVE-2020-1688?
CVE-2020-1688 has a medium severity level due to its potential impact on the confidentiality of private keys.
How do I fix CVE-2020-1688?
To fix CVE-2020-1688, upgrade to the recommended Juniper JUNOS software version as specified in the security advisory.
Who is affected by CVE-2020-1688?
CVE-2020-1688 affects local authenticated users on Juniper Networks SRX Series and NFX Series devices.
What aspect of security does CVE-2020-1688 compromise?
CVE-2020-1688 compromises the confidentiality of the Web API service private key used for encryption.
What types of Junos versions are affected by CVE-2020-1688?
Versions of Junos ranging from 12.3x48 to 19.4 are affected by CVE-2020-1688.
- agent/type
- agent/title
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/remedy
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/juniper
- canonical/junos os evolved
- version/junos os evolved/12.3x48
- version/junos os evolved/12.3x48-d10
- version/junos os evolved/12.3x48-d100
- version/junos os evolved/12.3x48-d15
- version/junos os evolved/12.3x48-d20
- version/junos os evolved/12.3x48-d25
- version/junos os evolved/12.3x48-d30
- version/junos os evolved/12.3x48-d35
- version/junos os evolved/12.3x48-d40
- version/junos os evolved/12.3x48-d45
- version/junos os evolved/12.3x48-d50
- version/junos os evolved/12.3x48-d51
- version/junos os evolved/12.3x48-d55
- version/junos os evolved/12.3x48-d60
- version/junos os evolved/12.3x48-d65
- version/junos os evolved/12.3x48-d70
- version/junos os evolved/12.3x48-d75
- version/junos os evolved/12.3x48-d80
- version/junos os evolved/12.3x48-d90
- version/junos os evolved/12.3x48-d95
- version/junos os evolved/15.1x49
- version/junos os evolved/15.1x49-d10
- version/junos os evolved/15.1x49-d100
- version/junos os evolved/15.1x49-d110
- version/junos os evolved/15.1x49-d120
- version/junos os evolved/15.1x49-d130
- version/junos os evolved/15.1x49-d140
- version/junos os evolved/15.1x49-d15
- version/junos os evolved/15.1x49-d150
- version/junos os evolved/15.1x49-d160
- version/junos os evolved/15.1x49-d170
- version/junos os evolved/15.1x49-d180
- version/junos os evolved/15.1x49-d20
- version/junos os evolved/15.1x49-d25
- version/junos os evolved/15.1x49-d30
- version/junos os evolved/15.1x49-d35
- version/junos os evolved/15.1x49-d40
- version/junos os evolved/15.1x49-d45
- version/junos os evolved/15.1x49-d50
- version/junos os evolved/15.1x49-d55
- version/junos os evolved/15.1x49-d60
- version/junos os evolved/15.1x49-d65
- version/junos os evolved/15.1x49-d70
- version/junos os evolved/15.1x49-d75
- version/junos os evolved/15.1x49-d80
- version/junos os evolved/15.1x49-d90
- version/junos os evolved/16.1
- version/junos os evolved/16.1-r1
- version/junos os evolved/16.1-r2
- version/junos os evolved/16.1-r3
- version/junos os evolved/16.1-r3-s10
- version/junos os evolved/16.1-r3-s11
- version/junos os evolved/16.1-r4
- version/junos os evolved/16.1-r4-s12
- version/junos os evolved/16.1-r4-s2
- version/junos os evolved/16.1-r4-s3
- version/junos os evolved/16.1-r4-s4
- version/junos os evolved/16.1-r4-s6
- version/junos os evolved/16.1-r5
- version/junos os evolved/16.1-r5-s4
- version/junos os evolved/16.1-r6-s1
- version/junos os evolved/16.1-r6-s6
- version/junos os evolved/16.1-r7
- version/junos os evolved/16.1-r7-s2
- version/junos os evolved/16.1-r7-s3
- version/junos os evolved/16.1-r7-s4
- version/junos os evolved/16.1-r7-s5
- version/junos os evolved/16.1-r7-s6
- version/junos os evolved/16.1-r7-s7
- version/junos os evolved/17.2
- version/junos os evolved/17.2-r1
- version/junos os evolved/17.2-r1-s1
- version/junos os evolved/17.2-r1-s2
- version/junos os evolved/17.2-r1-s3
- version/junos os evolved/17.2-r1-s4
- version/junos os evolved/17.2-r1-s5
- version/junos os evolved/17.2-r1-s7
- version/junos os evolved/17.2-r1-s8
- version/junos os evolved/17.2-r2
- version/junos os evolved/17.2-r2-s11
- version/junos os evolved/17.2-r2-s6
- version/junos os evolved/17.2-r2-s7
- version/junos os evolved/17.2-r3-s1
- version/junos os evolved/17.2-r3-s2
- version/junos os evolved/17.2-r3-s3
- version/junos os evolved/17.3
- version/junos os evolved/17.3-r1-s1
- version/junos os evolved/17.3-r2
- version/junos os evolved/17.3-r2-s1
- version/junos os evolved/17.3-r2-s2
- version/junos os evolved/17.3-r2-s3
- version/junos os evolved/17.3-r2-s4
- version/junos os evolved/17.3-r2-s5
- version/junos os evolved/17.3-r3
- version/junos os evolved/17.3-r3-s1
- version/junos os evolved/17.3-r3-s2
- version/junos os evolved/17.3-r3-s3
- version/junos os evolved/17.3-r3-s4
- version/junos os evolved/17.3-r3-s7
- version/junos os evolved/17.4
- version/junos os evolved/17.4-r1
- version/junos os evolved/17.4-r1-s1
- version/junos os evolved/17.4-r1-s2
- version/junos os evolved/17.4-r1-s4
- version/junos os evolved/17.4-r1-s5
- version/junos os evolved/17.4-r1-s6
- version/junos os evolved/17.4-r1-s7
- version/junos os evolved/17.4-r2
- version/junos os evolved/17.4-r2-s1
- version/junos os evolved/17.4-r2-s10
- version/junos os evolved/17.4-r2-s2
- version/junos os evolved/17.4-r2-s3
- version/junos os evolved/17.4-r2-s4
- version/junos os evolved/17.4-r2-s5
- version/junos os evolved/17.4-r2-s6
- version/junos os evolved/17.4-r2-s7
- version/junos os evolved/17.4-r2-s8
- version/junos os evolved/17.4-r2-s9
- version/junos os evolved/18.1
- version/junos os evolved/18.1-r1
- version/junos os evolved/18.1-r2
- version/junos os evolved/18.1-r2-s1
- version/junos os evolved/18.1-r2-s2
- version/junos os evolved/18.1-r2-s4
- version/junos os evolved/18.1-r3
- version/junos os evolved/18.1-r3-s1
- version/junos os evolved/18.1-r3-s2
- version/junos os evolved/18.1-r3-s3
- version/junos os evolved/18.1-r3-s4
- version/junos os evolved/18.1-r3-s6
- version/junos os evolved/18.2
- version/junos os evolved/18.2-r1
- version/junos os evolved/18.2-r1-s3
- version/junos os evolved/18.2-r1-s4
- version/junos os evolved/18.2-r1-s5
- version/junos os evolved/18.2-r2
- version/junos os evolved/18.2-r2-s1
- version/junos os evolved/18.2-r2-s2
- version/junos os evolved/18.2-r2-s3
- version/junos os evolved/18.2-r2-s4
- version/junos os evolved/18.2-r2-s5
- version/junos os evolved/18.2-r2-s6
- version/junos os evolved/18.3
- version/junos os evolved/18.3-r1
- version/junos os evolved/18.3-r1-s1
- version/junos os evolved/18.3-r1-s2
- version/junos os evolved/18.3-r1-s3
- version/junos os evolved/18.3-r1-s5
- version/junos os evolved/18.3-r1-s6
- version/junos os evolved/18.3-r2
- version/junos os evolved/18.3-r2-s1
- version/junos os evolved/18.3-r2-s2
- version/junos os evolved/18.3-r2-s3
- version/junos os evolved/18.4
- version/junos os evolved/18.4-r1
- version/junos os evolved/18.4-r1-s1
- version/junos os evolved/18.4-r1-s2
- version/junos os evolved/18.4-r1-s5
- version/junos os evolved/18.4-r1-s6
- version/junos os evolved/19.1
- version/junos os evolved/19.1-r1
- version/junos os evolved/19.1-r1-s1
- version/junos os evolved/19.1-r1-s2
- version/junos os evolved/19.1-r1-s3
- version/junos os evolved/19.1-r1-s4
- version/junos os evolved/19.2
- version/junos os evolved/19.2-r1
- version/junos os evolved/19.2-r1-s1
- version/junos os evolved/19.2-r1-s2
- version/junos os evolved/19.2-r1-s3
- canonical/juniper nfx
- canonical/juniper nfx series
- canonical/juniper srx1500
- canonical/juniper srx300
- canonical/juniper srx320
- canonical/juniper srx340
- canonical/juniper srx345
- canonical/juniper srx380
- canonical/juniper srx4100
- canonical/juniper srx4200
- canonical/juniper srx4600
- canonical/juniper srx5400
- canonical/juniper srx550
- canonical/juniper srx5600
- canonical/juniper srx5800