CVE-2020-1624

A local, authenticated user with shell can obtain the hashed values of login passwords and shared secrets via raw objmon configuration files. This issue affects all versions of Junos OS Evolved prior to 19.1R1.

Published: Apr 8, 2020
Updated: Apr 13, 2023
CVE: CVE-2020-1624
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.5
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVSS v2:

Severity: Low
Score: 2.1
AV:L/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-532

Affected Software
References

Software	From	Fixed in
juniper / junos_os_evolved	-	19.1r1

https://kb.juniper.net/JSA11003

Vulnerability Database

289,697

CVE-2020-1624