What is CVE-2019-0070?

CVE-2019-0070 is a high-severity vulnerability in Juniper Junos, classified under Improper Input Validation. CVSS score: 8.8/10. Published 2019-10-09.

How severe is CVE-2019-0070?

High severity. CVSS v3 base score is 8.8 out of 10.

Improper input validation in Juniper Junos

CVE-2019-0070

An Improper Input Validation weakness allows a malicious local attacker to elevate their permissions to take control of other portions of the NFX platform they should not be able to access, and execute commands outside their authorized sco…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.004 (31.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.8 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H.

Affected products

Juniper Junos — versions 18.2
Juniper Nfx150
Juniper Nfx250
Juniper Networks Junos Os — versions unspecified

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

sirt@juniper.net (x_refsource_MISC, Vendor Advisory)

Frequently asked questions

What is CVE-2019-0070?: CVE-2019-0070 is a high-severity vulnerability in Juniper Junos, classified under Improper Input Validation. CVSS score: 8.8/10. Published 2019-10-09.
How severe is CVE-2019-0070?: High severity. CVSS v3 base score is 8.8 out of 10.