CVE-2023-28973 Junos OS Evolved: The 'sysmanctl' shell command allows a local user to gain access to some administrative actions

🗓️ 17 Apr 2023 00:00:00Reported by juniperType

Junos OS Evolved 'sysmanctl' shell command allows local user administrative acces

Reporter	Title	Published	Views	Family All 11
BDU FSTEC	The vulnerability of Juniper Networks’ Junos OS Evolved operating system, related to deficiencies in authentication procedures, allows attackers to execute arbitrary commands.	6 Jun 202300:00	–	bdu_fstec
Circl	CVE-2023-28973	18 Apr 202302:28	–	circl
CNNVD	Juniper Networks Junos OS Evolved 授权问题漏洞	17 Apr 202300:00	–	cnnvd
CVE	CVE-2023-28973	17 Apr 202300:00	–	cve
EUVD	EUVD-2023-32591	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in Juniper JunOS	13 Apr 202300:00	–	ncsc
NVD	CVE-2023-28973	17 Apr 202322:15	–	nvd
OSV	CVE-2023-28973	17 Apr 202322:15	–	osv
Prion	Authorization	17 Apr 202322:15	–	prion
Positive Technologies	PT-2023-3000 · Juniper Networks · Junos Evolved	12 Apr 202300:00	–	ptsecurity

[
  {
    "vendor": "Juniper Networks",
    "product": "Junos OS Evolved",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "20.4R3-S5-EVO",
        "status": "affected",
        "versionType": "custom"
      },
      {
        "version": "21.2",
        "status": "affected",
        "lessThan": "21.2R3-EVO",
        "versionType": "custom"
      },
      {
        "version": "21.3",
        "status": "affected",
        "lessThan": "21.3R2-EVO",
        "versionType": "custom"
      },
      {
        "version": "21.4",
        "status": "affected",
        "lessThan": "21.4R1-S2-EVO, 21.4R2-EVO",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
supportportal	www.supportportal.juniper.net/JSA70597

17 Apr 2023 00:00Current

7.4High risk

Vulners AI Score7.4

CVSS 3.17.1

EPSS0.00105

CWE-285