Vulnerability Description
An Improper Certificate Validation weakness in the SRX Series Application Identification (app-id) signature update client of Juniper Networks Junos OS allows an attacker to perform Man-in-the-Middle (MitM) attacks which may compromise the integrity and confidentiality of the device. This issue affects: Juniper Networks Junos OS 15.1X49 versions prior to 15.1X49-D120 on SRX Series devices. No other versions of Junos OS are affected.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Juniper | Junos | 15.1x49 |
| Juniper | Csrx | - |
| Juniper | Srx100 | - |
| Juniper | Srx110 | - |
| Juniper | Srx1400 | - |
| Juniper | Srx1500 | - |
| Juniper | Srx210 | - |
| Juniper | Srx220 | - |
| Juniper | Srx240 | - |
| Juniper | Srx300 | - |
| Juniper | Srx320 | - |
| Juniper | Srx340 | - |
| Juniper | Srx3400 | - |
| Juniper | Srx345 | - |
| Juniper | Srx3600 | - |
| Juniper | Srx4100 | - |
| Juniper | Srx4200 | - |
| Juniper | Srx4600 | - |
| Juniper | Srx5400 | - |
| Juniper | Srx550 | - |
Related Weaknesses (CWE)
References
- https://kb.juniper.net/JSA10952Vendor Advisory
- https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-applVendor Advisory
- https://kb.juniper.net/JSA10952Vendor Advisory
- https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-applVendor Advisory
FAQ
What is CVE-2019-0054?
CVE-2019-0054 is a vulnerability with a CVSS score of 6.8 (MEDIUM). An Improper Certificate Validation weakness in the SRX Series Application Identification (app-id) signature update client of Juniper Networks Junos OS allows an attacker to perform Man-in-the-Middle (...
How severe is CVE-2019-0054?
CVE-2019-0054 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-0054?
Check the references section above for vendor advisories and patch information. Affected products include: Juniper Junos, Juniper Csrx, Juniper Srx100, Juniper Srx110, Juniper Srx1400.