GHSA-8h3p-5f62-5ppm

Опубликовано: 11 окт. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 5.9

Описание

This issue affects Juniper Networks Junos OS Evolved:

All versions prior to 20.4R3-S7-EVO;
21.1 versions 21.1R1-EVO and later;
21.2 versions prior to 21.2R3-S5-EVO;
21.3 versions prior to 21.3R3-S4-EVO;
21.4 versions prior to 21.4R3-S4-EVO;
22.1 versions prior to 22.1R3-S2-EVO;
22.2 versions prior to 22.2R2-EVO.

This issue affects Juniper Networks Junos OS Evolved:

All versions prior to 20.4R3-S7-EVO;
21.1 versions 21.1R1-EVO and later;
21.2 versions prior to 21.2R3-S5-EVO;
21.3 versions prior to 21.3R3-S4-EVO;
21.4 versions prior to 21.4R3-S4-EVO;
22.1 versions prior to 22.1R3-S2-EVO;
22.2 versions prior to 22.2R2-EVO.

Ссылки

EPSS

Процентиль: 11%

0.00038

Низкий

5.9 Medium

CVSS3

CVE ID

CVE-2023-44187

Дефекты

CWE-200

Связанные уязвимости

CVE-2023-44187

CVSS3: 5.9

nvd

больше 2 лет назад

An Exposure of Sensitive Information vulnerability in the 'file copy' command of Junos OS Evolved allows a local, authenticated attacker with shell access to view passwords supplied on the CLI command-line. These credentials can then be used to provide unauthorized access to the remote system. This issue affects Juniper Networks Junos OS Evolved: * All versions prior to 20.4R3-S7-EVO; * 21.1 versions 21.1R1-EVO and later; * 21.2 versions prior to 21.2R3-S5-EVO; * 21.3 versions prior to 21.3R3-S4-EVO; * 21.4 versions prior to 21.4R3-S4-EVO; * 22.1 versions prior to 22.1R3-S2-EVO; * 22.2 versions prior to 22.2R2-EVO.

BDU:2023-06952

CVSS3: 5.9

fstec

больше 2 лет назад

Уязвимость операционной системы Juniper Networks Junos OS Evolved, связанная с отсутствием защиты служебных данных, позволяющая нарушителю раскрыть защищаемую информацию

EPSS

Процентиль: 11%

0.00038

Низкий

5.9 Medium

CVSS3

CVE ID

CVE-2023-44187

Дефекты

CWE-200