Published: 17/04/2023 Updated: 02/05/2023

CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9

VMScore: 0

An Insecure Default Initialization of Resource vulnerability in Juniper Networks Junos OS Evolved allows an unauthenticated, network based malicious user to read certain confidential information. In the default configuration it is possible to read confidential information about locally configured (administrative) users of the affected system. This issue affects Juniper Networks Junos OS Evolved: All versions before 20.4R3-S7-EVO on pending commit???; 21.1-EVO versions before 21.1R3-S4-EVO on awaiting build; 21.4-EVO versions before 21.4R3-S1-EVO; 22.2-EVO versions before 22.2R3-EVO; 21.2-EVO versions before 21.2R3-S5-EVO on pending commit???; 21.3-EVO version 21.3R1-EVO and later versions; 22.1-EVO version 22.1R1-EVO and later versions; 22.2-EVO versions before 22.2R2-S1-EVO.

Vulnerable Product	Search on Vulmon	Subscribe to Product
juniper junos os evolved 20.4
juniper junos os evolved 21.1
juniper junos os evolved 21.2
juniper junos os evolved 21.3
juniper junos os evolved
juniper junos os evolved 21.4
juniper junos os evolved 22.1
juniper junos os evolved 22.2

CWE-1188 https://supportportal.juniper.net/JSA70603 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2023-28978

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect