Unrated severityNVD Advisory· Published Oct 11, 2023· Updated Sep 18, 2024
Junos OS Evolved: 'file copy' CLI command can disclose password to shell users
CVE-2023-44187
Description
An Exposure of Sensitive Information vulnerability in the 'file copy' command of Junos OS Evolved allows a local, authenticated attacker with shell access to view passwords supplied on the CLI command-line. These credentials can then be used to provide unauthorized access to the remote system.
This issue affects Juniper Networks Junos OS Evolved: * All versions prior to 20.4R3-S7-EVO; * 21.1 versions 21.1R1-EVO and later; * 21.2 versions prior to 21.2R3-S5-EVO; * 21.3 versions prior to 21.3R3-S4-EVO; * 21.4 versions prior to 21.4R3-S4-EVO; * 22.1 versions prior to 22.1R3-S2-EVO; * 22.2 versions prior to 22.2R2-EVO.
Affected products
2<20.4R3-S7-EVO, >=21.1R1-EVO <21.2R3-S5-EVO, >=21.2 <21.3R3-S4-EVO, >=21.3 <21.4R3-S4-EVO, >=21.4 <22.1R3-S2-EVO, >=22.1 <22.2R2-EVO+ 1 more
- (no CPE)range: <20.4R3-S7-EVO, >=21.1R1-EVO <21.2R3-S5-EVO, >=21.2 <21.3R3-S4-EVO, >=21.3 <21.4R3-S4-EVO, >=21.4 <22.1R3-S2-EVO, >=22.1 <22.2R2-EVO
- (no CPE)range: 0
Patches
Vulnerability mechanics
References
1- supportportal.juniper.net/JSA73151mitrevendor-advisory
News mentions
0No linked articles in our index yet.