CVE-2024-39544 Junos OS Evolved: Low privileged local user able to view NETCONF traceoptions files

An Incorrect Default Permissions vulnerability in the command line interface CLI of Juniper Networks Junos OS Evolved allows a low privileged local attacker to view NETCONF traceoptions files, representing an exposure of sensitive information. On all Junos OS Evolved platforms, when NETCONF...

CVE-2024-39546 Junos OS Evolved: Local low-privilege user can gain root permissions leading to privilege escalation

A Missing Authorization vulnerability in the Socket Intercept SI command file interface of Juniper Networks Junos OS Evolved allows an authenticated, low-privilege local attacker to modify certain files, allowing the attacker to cause any command to execute with root privileges leading to privile...

CVE-2024-39562 Junos OS Evolved: A high rate of SSH connections causes a Denial of Service

A Missing Release of Resource after Effective Lifetime vulnerability the xinetd process, responsible for spawning SSH daemon sshd instances, of Juniper Networks Junos OS Evolved allows an unauthenticated network-based attacker to cause a Denial of Service DoS by blocking SSH access for legitimate...

CVE-2024-30406 Junos OS Evolved: ACX Series with Paragon Active Assurance Test Agent: A local high privileged attacker can recover other administrators credentials

A Cleartext Storage in a File on Disk vulnerability in Juniper Networks Junos OS Evolved ACX Series devices using the Paragon Active Assurance Test Agent software installed on network devices allows a local, authenticated attacker with high privileges to read all other users login credentials. Th...

PT-2024-4771 · Juniper Networks · Junos Evolved

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS Evolved versions prior to 23.2R1-S1-EVO Juniper Networks Junos OS Evolved version 23.2R2-EVO Description: A NULL Pointer Dereference issue in the Packet Forwarding Engine PFE of Juniper Networks Junos OS Evolved allo...