An Exposure of Sensitive Information vulnerability in the 'file copy' command of Junos OS Evolved allows a local, authenticated attacker with shell access to view passwords supplied on the CLI command-line. These credentials can then be used to provide unauthorized access to the remote system.
This issue affects Juniper Networks Junos OS Evolved:
* All versions prior to 20.4R3-S7-EVO;
* 21.1 versions 21.1R1-EVO and later;
* 21.2 versions prior to 21.2R3-S5-EVO;
* 21.3 versions prior to 21.3R3-S4-EVO;
* 21.4 versions prior to 21.4R3-S4-EVO;
* 22.1 versions prior to 22.1R3-S2-EVO;
* 22.2 versions prior to 22.2R2-EVO.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://supportportal.juniper.net/JSA73151 |
History
Wed, 18 Sep 2024 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: juniper
Published: 2023-10-11T20:37:23.379Z
Updated: 2024-09-18T14:36:44.931Z
Reserved: 2023-09-26T19:30:27.953Z
Link: CVE-2023-44187
Vulnrichment
Updated: 2024-08-02T19:59:51.268Z
NVD
Status : Modified
Published: 2023-10-11T21:15:09.970
Modified: 2024-11-21T08:25:23.983
Link: CVE-2023-44187
Redhat
No data.