An Improper Physical Access Control vulnerability in the console port control of Juniper Networks Junos OS Evolved allows an attacker with physical access to the device to get access to a user account.
When the console cable is disconnected, the logged in user is not logged out. This allows a malicious attacker with physical access to the console to resume a previous session and possibly gain administrative privileges.
This issue affects Junos OS Evolved:
* from 23.2R2-EVO before 23.2R2-S1-EVO,
* from 23.4R1-EVO before 23.4R2-EVO.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://supportportal.juniper.net/JSA82977 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: juniper
Published: 2024-07-10T23:02:05.458Z
Updated: 2024-08-02T04:26:15.874Z
Reserved: 2024-06-25T15:12:53.237Z
Link: CVE-2024-39512
Vulnrichment
Updated: 2024-07-12T16:25:26.782Z
NVD
Status : Awaiting Analysis
Published: 2024-07-10T23:15:10.393
Modified: 2024-11-21T09:27:53.347
Link: CVE-2024-39512
Redhat
No data.