Vulnerability CVE-2024-39512


Published: 2024-07-10   Modified: 2024-07-11

Description:
An Improper Physical Access Control vulnerability in the console port control of Juniper Networks Junos OS Evolved allows an attacker with physical access to the device to get access to a user account.

When the console cable is disconnected, the logged in user is not logged out. This allows a malicious attacker with physical access to the console to resume a previous session and possibly gain administrative privileges.

This issue affects Junos OS Evolved:
* from 23.2R2-EVO before 23.2R2-S1-EVO, 
* from 23.4R1-EVO before 23.4R2-EVO.

 References:
https://supportportal.juniper.net/JSA82977

Copyright 2024, cxsecurity.com

 

Back to Top