The system console configuration option 'log-out-on-disconnect' In Juniper Networks Junos OS Evolved fails to log out an active CLI session when the console cable is disconnected. This could allow a malicious attacker with physical access to the console the ability to resume a previous interactive session and possibly gain administrative privileges. This issue affects all Juniper Networks Junos OS Evolved versions after 18.4R1-EVO, prior to 20.2R1-EVO.
References
| Link | Resource |
|---|---|
| https://kb.juniper.net/JSA11063 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
25 Oct 2021, 15:20
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:o:juniper:junos_evolved:19.4:r1:*:*:*:*:*:* cpe:2.3:o:juniper:junos_evolved:20.1:r1:*:*:*:*:*:* cpe:2.3:o:juniper:junos_evolved:19.2:r1:*:*:*:*:*:* cpe:2.3:o:juniper:junos_evolved:19.2:r2:*:*:*:*:*:* |
cpe:2.3:o:juniper:junos_os_evolved:19.3:r2:*:*:*:*:*:* cpe:2.3:o:juniper:junos_os_evolved:19.2:r1:*:*:*:*:*:* cpe:2.3:o:juniper:junos_os_evolved:19.2:r2:*:*:*:*:*:* cpe:2.3:o:juniper:junos_os_evolved:19.4:r1:*:*:*:*:*:* cpe:2.3:o:juniper:junos_os_evolved:20.1:r1:*:*:*:*:*:* |
23 Oct 2021, 13:20
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:o:juniper:junos_evolved:19.4:r2:*:*:*:*:*:* |
cpe:2.3:o:juniper:junos_os_evolved:19.4:r2-s1:*:*:*:*:*:* cpe:2.3:o:juniper:junos_os_evolved:19.4:r2:*:*:*:*:*:* |
Information
Published : 2020-10-16 21:15
Updated : 2023-12-10 13:41
NVD link : CVE-2020-1666
Mitre link : CVE-2020-1666
CVE.ORG link : CVE-2020-1666
JSON object : View
Products Affected
juniper
- junos_os_evolved