How severe is CVE-2024-39532?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.3 out of 10.

What type of vulnerability is CVE-2024-39532?

This is classified as CWE-532, which is a common weakness in software security.

CVE-2024-39532 - MEDIUM Severity | CVSS 6.3

Vulnerability Description

An Insertion of Sensitive Information into Log File vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows a local, authenticated attacker with high privileges to access sensitive information. When another user performs a specific operation, sensitive information is stored as plain text in a specific log file, so that a high-privileged attacker has access to this information. This issue affects: Junos OS: * All versions before 21.2R3-S9; * 21.4 versions before 21.4R3-S9; * 22.2 versions before 22.2R2-S1, 22.2R3; * 22.3 versions before 22.3R1-S1, 22.3R2; Junos OS Evolved: * All versions before before 22.1R3-EVO; * 22.2-EVO versions before 22.2R2-S1-EVO, 22.2R3-EVO; * 22.3-EVO versions before 22.3R1-S1-EVO, 22.3R2-EVO.

Related Vulnerabilities

CVE-2023-29002

MEDIUM

CVSS:6.3(Medium)

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. When run in debug mode, Cilium will log the contents of the `cilium-secrets` namespace. This could include da...

CWE-5322023

CVE-2023-4380

MEDIUM

CVSS:6.3(Medium)

A logic flaw exists in Ansible Automation platform. Whenever a private project is created with incorrect credentials, they are logged in plaintext. This flaw allows an attacker to retrieve the credent...

CWE-5322023

CVE-2025-24389

MEDIUM

CVSS:6.3(Medium)

Certain errors of the upstream libraries will insert sensitive information in the OTRS or ((OTRS)) Community Edition log mechanism and mails send to the system administrator. This issue affects: * OTR...

CWE-5322025

CVE-2017-5137

MEDIUM

CVSS:6.2(Medium)

An issue was discovered on SendQuick Entera and Avera devices before 2HF16. An attacker could request and download the SMS logs from an unauthenticated perspective.

CWE-5322017

CVE-2021-20536

MEDIUM

CVSS:6.2(Medium)

IBM Spectrum Protect Plus File Systems Agent 10.1.6 and 10.1.7 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 198836.

CWE-5322021

CVE-2023-40694

MEDIUM

CVSS:6.2(Medium)

IBM Watson CP4D Data Stores 4.0.0 through 4.8.4 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 264838.

CWE-5322023