CVE-2020-1624— Juniper Networks Junos OS Evolved 日志信息泄露漏洞
新しい脆弱性情報の通知を購読するログインして購読
I. CVE-2020-1624の基本情報
脆弱性情報
脆弱性についてご質問がありますか?Shenlongの分析が参考になるかご確認ください!
Shenlongの10の質問を表示 ↗ 高度な大規模言語モデル技術を使用していますが、出力には不正確または古い情報が含まれる可能性があります。Shenlongはデータの正確性を確保するよう努めていますが、実際の状況に基づいて検証・判断してください。
脆弱性タイトル
Junos OS Evolved: objmon logs may leak sensitive information
ソース: NVD (National Vulnerability Database)
脆弱性説明
A local, authenticated user with shell can obtain the hashed values of login passwords and shared secrets via raw objmon configuration files. This issue affects all versions of Junos OS Evolved prior to 19.1R1.
ソース: NVD (National Vulnerability Database)
CVSS情報
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
ソース: NVD (National Vulnerability Database)
脆弱性タイプ
通过日志文件的信息暴露
ソース: NVD (National Vulnerability Database)
脆弱性タイトル
Juniper Networks Junos OS Evolved 日志信息泄露漏洞
ソース: CNNVD (China National Vulnerability Database)
脆弱性説明
Juniper Networks Junos OS是美国瞻博网络(Juniper Networks)公司的一套专用于该公司的硬件设备的网络操作系统。该操作系统提供了安全编程接口和Junos SDK。Junos OS Evolved是Junos OS的升级版。 Juniper Networks Junos OS Evolved 19.1R1之前版本中存在日志信息泄露漏洞。该漏洞源于网络系统或产品的日志文件非正常输出。
ソース: CNNVD (China National Vulnerability Database)
CVSS情報
N/A
ソース: CNNVD (China National Vulnerability Database)
脆弱性タイプ
N/A
ソース: CNNVD (China National Vulnerability Database)
影響を受ける製品
| ベンダー | プロダクト | 影響を受けるバージョン | CPE | 購読 |
|---|---|---|---|---|
| Juniper Networks | Junos OS Evolved | unspecified ~ 19.1R1-EVO | - |
II. CVE-2020-1624の公開POC
| # | POC説明 | ソースリンク | Shenlongリンク |
|---|
AI生成POCプレミアム
公開POCは見つかりませんでした。
ログインしてAI POCを生成III. CVE-2020-1624のインテリジェンス情報
请登录查看更多情报信息。
Same Patch Batch · Juniper Networks · 2020-04-08 · 22 CVEs total
| CVE-2020-1614 | 10.0 CRITICAL | NFX250 Series: Hardcoded credentials in the vSRX VNF instance. |
| CVE-2020-1615 | 9.8 CRITICAL | Junos OS: vMX: Default credentials supplied in vMX configuration |
| CVE-2020-1613 | 8.6 HIGH | Junos OS: BGP session termination upon receipt of specific BGP FlowSpec advertisement. |
| CVE-2020-1639 | 7.5 HIGH | Junos OS: A crafted Ethernet OAM packet received by Junos may cause the Ethernet OAM conne |
| CVE-2020-1617 | 7.5 HIGH | Junos OS: PTX1000 and PTX10000 Series, QFX10000 Series using non-AFT architectures: A spec |
| CVE-2020-1626 | 7.5 HIGH | Junos OS Evolved: Denial of Service vulnerability in processing high rate of specific pack |
| CVE-2020-1627 | 7.5 HIGH | Junos OS: vMX and MX150: Denial of Service vulnerability in packet processing |
| CVE-2020-1634 | 7.5 HIGH | Junos OS: High-End SRX Series: Multicast traffic might cause all FPCs to reset. |
| CVE-2020-1638 | 7.5 HIGH | Junos OS & Junos OS Evolved: A specific IPv4 packet can lead to FPC restart. |
| CVE-2020-1637 | 7.2 HIGH | Junos OS: SRX Series: Unified Access Control (UAC) bypass vulnerability |
| CVE-2020-1625 | 6.5 MEDIUM | Junos OS: Kernel memory leak in virtual-memory due to interface flaps |
| CVE-2020-1618 | 6.3 MEDIUM | Junos OS: EX and QFX Series: Console port authentication bypass vulnerability |
| CVE-2020-1619 | 6.0 MEDIUM | Junos OS: QFX10K Series, EX9200 Series, MX Series, PTX Series: Privilege escalation vulner |
| CVE-2020-1629 | 5.9 MEDIUM | Junos OS: A race condition vulnerability may cause RPD daemon to crash when processing a B |
| CVE-2020-1622 | 5.5 MEDIUM | Junos OS Evolved: EvoSharedObjStore may leak sensitive information |
| CVE-2020-1623 | 5.5 MEDIUM | Junos OS Evolved: ev.ops file may leak sensitive information |
| CVE-2020-1620 | 5.5 MEDIUM | Junos OS Evolved: Configd leaks hashes via log file and is world readable |
| CVE-2020-1621 | 5.5 MEDIUM | Junos OS Evolved: Configd leaks hashes via stream and is world readable |
| CVE-2020-1628 | 5.3 MEDIUM | Junos OS: EX4300: Traffic from the network internal to the device (128.0.0.0) may be forwa |
| CVE-2020-1616 | 5.3 MEDIUM | JATP Series: JATP Is susceptible to slow brute force attacks on the SSH service. |
Showing 20 of 22 CVEs. View all on vendor page →
IV. 関連脆弱性
同じ製品: Junos OS Evolved
- CVE-2026-33783
Junos OS Evolved: PTX Series: If SRTE tunnels provisioned vi - CVE-2026-33788
Junos OS Evolved: Local, authenticated attacker can gain pri - CVE-2025-59969
Junos OS Evolved: QFX5000 Series and PTX Series: An attacker - CVE-2026-21902
Junos OS Evolved: PTX Series: A vulnerability allows a unaut - CVE-2026-21911
Junos OS Evolved: Flapping management interface causes MAC l
同じベンダー: Juniper Networks
- CVE-2026-33791
Junos OS and Junos OS Evolved: Execution of crafted CLI comm - CVE-2026-33790
Junos OS: SRX Series: In a NAT64 configuration, receipt of a - CVE-2026-33787
Junos OS: SRX1500, SRX4100, SRX4200, SRX4600: When a specifi - CVE-2026-33785
Junos OS: MX Series: Missing Authorization for specific 'req - CVE-2026-33784
JSI Virtual Lightweight Collector: Default password is not r
同じ弱点: CWE-532
- CVE-2026-42282
n8n-MCP: Sensitive MCP tool-call arguments logged on authent - CVE-2026-41495
n8n-MCP Logs Sensitive Request Data on Unauthorized /mcp Req - CVE-2026-41004
VMware Spring Cloud Config 日志信息泄露漏洞 - CVE-2024-30151
HCL BigFix Service Management (SM) is susceptible to Broken - CVE-2026-7824
PaperCut Hive (Ricoh): Plain text password in logs
V. CVE-2020-1624へのコメント
まだコメントはありません