Vulnerability Description
An Exposure of Sensitive Information vulnerability in the 'file copy' command of Junos OS Evolved allows a local, authenticated attacker with shell access to view passwords supplied on the CLI command-line. These credentials can then be used to provide unauthorized access to the remote system. This issue affects Juniper Networks Junos OS Evolved: * All versions prior to 20.4R3-S7-EVO; * 21.1 versions 21.1R1-EVO and later; * 21.2 versions prior to 21.2R3-S5-EVO; * 21.3 versions prior to 21.3R3-S4-EVO; * 21.4 versions prior to 21.4R3-S4-EVO; * 22.1 versions prior to 22.1R3-S2-EVO; * 22.2 versions prior to 22.2R2-EVO.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Juniper | Junos Os Evolved | < 20.4 |
Related Weaknesses (CWE)
References
- https://supportportal.juniper.net/JSA73151Vendor Advisory
- https://supportportal.juniper.net/JSA73151Vendor Advisory
FAQ
What is CVE-2023-44187?
CVE-2023-44187 is a vulnerability with a CVSS score of 5.9 (MEDIUM). An Exposure of Sensitive Information vulnerability in the 'file copy' command of Junos OS Evolved allows a local, authenticated attacker with shell access to view passwords supplied on the CLI command...
How severe is CVE-2023-44187?
CVE-2023-44187 has been rated MEDIUM with a CVSS base score of 5.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-44187?
Check the references section above for vendor advisories and patch information. Affected products include: Juniper Junos Os Evolved.