CVE-2020-1622

MEDIUM

Juniper Junos OS Evolved < 19.1r1 - Log Information Exposure

Title source: rule

Description

A local, authenticated user with shell can obtain the hashed values of login passwords and shared secrets via the EvoSharedObjStore. This issue affects all versions of Junos OS Evolved prior to 19.1R1.

References (1)

[Vendor Advisory] https://kb.juniper.net/JSA11003

Scores

CVSS v3 5.5

EPSS 0.0013

EPSS Percentile 31.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-532 CWE-664

Status published

Products (1)

juniper/junos_os_evolved < 19.1r1

Published Apr 08, 2020

Tracked Since Feb 18, 2026