CVE-2020-1623

Summary

A local, authenticated user with shell can view sensitive configuration information via the ev.ops configuration file. This issue affects all versions of Junos OS Evolved prior to 19.2R1.

Affected Software

VendorProductVersion RangeStatus
Juniper NetworksJunos OS Evolvedunspecified < 19.2R1-EVOaffected

Weaknesses

  • CWE-532: CWE-532 Information Exposure Through Log Files

Workarounds

Limit access to the Junos OS shell to only trusted system administrators with a need for access below the Junos CLI.

ADP Enrichment

CVE Program Container

Additional References

References