An Improper Physical Access Control vulnerability in the console port control of Juniper Networks Junos OS Evolved allows an attacker with physical access to the device to get access to a user account. When the console cable is disconnected, the logged in user is not logged out. This allows a malicious attacker with physical access to the console to resume a previous session and possibly gain administrative privileges. This issue affects Junos OS Evolved: * from 23.2R2-EVO before 23.2R2-S1-EVO, * from 23.4R1-EVO before 23.4R2-EVO.
CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XJuniper Junos Os Evolved
OSJuniper23.223.4
Related vulnerabilities
RCE jako root w Juniper Junos OS Evolved — błędne uprawnienia do krytycznego zasobu
An improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS Evolved Rout...
A Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in the advanced forward...
An Incorrect Synchronization vulnerability in the management daemon (mgd) of Juniper Networks Junos OS and Jun...
A Missing Release of Memory after Effective Lifetime vulnerability in the Layer 2 Address Learning Daemon (l2a...