← Back

CVE-2023-44187

nvd nist
Published: Oct 11, 2023Modified: Nov 21, 2024

JSON object

Loading...
5.5
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Exploitability: 1.8 / Impact: 3.6
Source: NVD

Description

An Exposure of Sensitive Information vulnerability in the 'file copy' command of Junos OS Evolved allows a local, authenticated attacker with shell access to view passwords supplied on the CLI command-line. These credentials can then be used to provide unauthorized access to the remote system. This issue affects Juniper Networks Junos OS Evolved: * All versions prior to 20.4R3-S7-EVO; * 21.1 versions 21.1R1-EVO and later; * 21.2 versions prior to 21.2R3-S5-EVO; * 21.3 versions prior to 21.3R3-S4-EVO; * 21.4 versions prior to 21.4R3-S4-EVO; * 22.1 versions prior to 22.1R3-S2-EVO; * 22.2 versions prior to 22.2R2-EVO.

Affected (66)

Juniper
1 product
Junos Os Evolved
Configuration A
66 vulnerable
Vulnerable SoftwareAffected Versions
Juniper
Junos Os Evolved
Before 20.4
Junos Os Evolved
Version 20.4
Junos Os Evolved
Version 20.4 r1-s1
Junos Os Evolved
Version 20.4 r1-s2
Junos Os Evolved
Version 20.4 r1
Junos Os Evolved
Version 20.4 r2-s1
Junos Os Evolved
Version 20.4 r2-s2
Junos Os Evolved
Version 20.4 r2-s3
Junos Os Evolved
Version 20.4 r2
Junos Os Evolved
Version 20.4 r3-s1
Junos Os Evolved
Version 20.4 r3-s2
Junos Os Evolved
Version 20.4 r3-s3
Junos Os Evolved
Version 20.4 r3-s4
Junos Os Evolved
Version 20.4 r3-s5
Junos Os Evolved
Version 20.4 r3-s6
Junos Os Evolved
Version 20.4 r3
Junos Os Evolved
Version 21.1
Junos Os Evolved
Version 21.1 r1-s1
Junos Os Evolved
Version 21.1 r1
Junos Os Evolved
Version 21.1 r2
Junos Os Evolved
Version 21.1 r3-s1
Junos Os Evolved
Version 21.1 r3-s2
Junos Os Evolved
Version 21.1 r3-s3
Junos Os Evolved
Version 21.1 r3
Junos Os Evolved
Version 21.2
Junos Os Evolved
Version 21.2 r1-s1
Junos Os Evolved
Version 21.2 r1-s2
Junos Os Evolved
Version 21.2 r1
Junos Os Evolved
Version 21.2 r2-s1
Junos Os Evolved
Version 21.2 r2-s2
Junos Os Evolved
Version 21.2 r2
Junos Os Evolved
Version 21.2 r3-s1
Junos Os Evolved
Version 21.2 r3-s2
Junos Os Evolved
Version 21.2 r3-s3
Junos Os Evolved
Version 21.2 r3-s4
Junos Os Evolved
Version 21.2 r3
Junos Os Evolved
Version 21.3
Junos Os Evolved
Version 21.3 r1-s1
Junos Os Evolved
Version 21.3 r1
Junos Os Evolved
Version 21.3 r2-s1
Junos Os Evolved
Version 21.3 r2-s2
Junos Os Evolved
Version 21.3 r2
Junos Os Evolved
Version 21.3 r3-s1
Junos Os Evolved
Version 21.3 r3-s2
Junos Os Evolved
Version 21.3 r3-s3
Junos Os Evolved
Version 21.3 r3
Junos Os Evolved
Version 21.4
Junos Os Evolved
Version 21.4 r1-s1
Junos Os Evolved
Version 21.4 r1-s2
Junos Os Evolved
Version 21.4 r1
Junos Os Evolved
Version 21.4 r2-s1
Junos Os Evolved
Version 21.4 r2-s2
Junos Os Evolved
Version 21.4 r2
Junos Os Evolved
Version 21.4 r3-s1
Junos Os Evolved
Version 21.4 r3-s2
Junos Os Evolved
Version 21.4 r3-s3
Junos Os Evolved
Version 21.4 r3
Junos Os Evolved
Version 22.1 r1-s1
Junos Os Evolved
Version 22.1 r1-s2
Junos Os Evolved
Version 22.1 r1
Junos Os Evolved
Version 22.1 r2-s1
Junos Os Evolved
Version 22.1 r2
Junos Os Evolved
Version 22.1 r3-s1
Junos Os Evolved
Version 22.1 r3
Junos Os Evolved
Version 22.2 r1-s1
Junos Os Evolved
Version 22.2 r1

Related CWEs

CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (2)

Source: sirt@juniper.net
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.