← back
CVE-2020-1624

Junos OS Evolved: objmon logs may leak sensitive information

CVSS 5.5 MEDIUMEPSS 0.3%CWE-532
A local, authenticated user with shell can obtain the hashed values of login passwords and shared secrets via raw objmon configuration files. This issue affects all versions of Junos OS Evolved prior to 19.1R1.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Affected products
Juniper Networks · Junos OS Evolved

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://kb.juniper.net/JSA11003