CVE-2024-30406 - Vulnerability Details

CVE-2024-30406 - Junos OS Evolved: ACX Series with Paragon Active Assurance Test Agent: A local high privileged attacker can recover other administrators credentials

A Cleartext Storage in a File on Disk vulnerability in Juniper Networks Junos OS Evolved ACX Series devices using the Paragon Active Assurance Test Agent software installed on network devices allows a local, authenticated attacker with high privileges to read all other users login credentials. This issue affects only Juniper Networks Junos OS Evolved ACX Series devices using the Paragon Active Assurance Test Agent software installed on these devices from 23.1R1-EVO through 23.2R2-EVO. This issue does not affect releases before 23.1R1-EVO.

Attack Vector Local

Attack Complexity Low

Privileges Required High

Attack Requirements None

User Interaction Passive

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact None

Subsequent System Confidentiality Impact High

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00018.

Key SSVC decision points have not yet been added.

Vendors	Products
Juniper	Acx5448 Acx5448-d Acx5448-m Acx7020 Acx7024 Acx7024x Acx710 Acx7100 Acx7300 Acx7509 Junos Os Evolved Paragon Active Assurance Test Agent
Juniper Networks	Junos Os Evolved

Configuration 1 [-]

AND

OR	cpe:2.3:a:juniper:paragon_active_assurance_test_agent:-:::::::*
	cpe:2.3:o:juniper:junos_os_evolved:23.1:-::::::
	cpe:2.3:o:juniper:junos_os_evolved:23.1:r1::::::
	cpe:2.3:o:juniper:junos_os_evolved:23.1:r2::::::
	cpe:2.3:o:juniper:junos_os_evolved:23.1:r3::::::
	cpe:2.3:o:juniper:junos_os_evolved:23.2:-::::::
	cpe:2.3:o:juniper:junos_os_evolved:23.2:r1::::::
	cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s1::::::
	cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s2::::::

OR	cpe:2.3:h:juniper:acx5448:-:::::::*
	cpe:2.3:h:juniper:acx5448-d:-:::::::*
	cpe:2.3:h:juniper:acx5448-m:-:::::::*
	cpe:2.3:h:juniper:acx7020:-:::::::*
	cpe:2.3:h:juniper:acx7024:-:::::::*
	cpe:2.3:h:juniper:acx7024x:-:::::::*
	cpe:2.3:h:juniper:acx710:-:::::::*
	cpe:2.3:h:juniper:acx7100:-:::::::*
	cpe:2.3:h:juniper:acx7300:-:::::::*
	cpe:2.3:h:juniper:acx7509:-:::::::*

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products
Juniper Networks	Junos Os Evolved

References

Link	Providers
https://supportportal.juniper.net/JSA79104
https://www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:P/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N
https://www.juniper.net/documentation/us/en/software/junos/cli-reference/topics/ref/statement/services-paa-test-agent.html
https://www.juniper.net/documentation/us/en/software/junos/junos-install-upgrade-evo/topics/topic-map/paa-test-agent-install.html

History

Fri, 23 Jan 2026 16:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Juniper Juniper acx5448 Juniper acx5448-d Juniper acx5448-m Juniper acx7020 Juniper acx7024 Juniper acx7024x Juniper acx710 Juniper acx7100 Juniper acx7300 Juniper acx7509 Juniper junos Os Evolved Juniper paragon Active Assurance Test Agent
CPEs		cpe:2.3:a:juniper:paragon_active_assurance_test_agent:-:::::::* cpe:2.3:h:juniper:acx5448-d:-:::::::* cpe:2.3:h:juniper:acx5448-m:-:::::::* cpe:2.3:h:juniper:acx5448:-:::::::* cpe:2.3:h:juniper:acx7020:-:::::::* cpe:2.3:h:juniper:acx7024:-:::::::* cpe:2.3:h:juniper:acx7024x:-:::::::* cpe:2.3:h:juniper:acx7100:-:::::::* cpe:2.3:h:juniper:acx710:-:::::::* cpe:2.3:h:juniper:acx7300:-:::::::* cpe:2.3:h:juniper:acx7509:-:::::::* cpe:2.3:o:juniper:junos_os_evolved:23.1:-:::::: cpe:2.3:o:juniper:junos_os_evolved:23.1:r1:::::: cpe:2.3:o:juniper:junos_os_evolved:23.1:r2:::::: cpe:2.3:o:juniper:junos_os_evolved:23.1:r3:::::: cpe:2.3:o:juniper:junos_os_evolved:23.2:-:::::: cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s1:::::: cpe:2.3:o:juniper:junos_os_evolved:23.2:r1-s2:::::: cpe:2.3:o:juniper:junos_os_evolved:23.2:r1::::::
Vendors & Products		Juniper Juniper acx5448 Juniper acx5448-d Juniper acx5448-m Juniper acx7020 Juniper acx7024 Juniper acx7024x Juniper acx710 Juniper acx7100 Juniper acx7300 Juniper acx7509 Juniper junos Os Evolved Juniper paragon Active Assurance Test Agent

MITRE

Status: PUBLISHED

Assigner: juniper

Published: 2024-04-12T15:04:06.515Z

Updated: 2024-08-02T01:32:07.336Z

Reserved: 2024-03-26T23:06:19.981Z

Link: CVE-2024-30406

Vulnrichment

Updated: 2024-08-02T01:32:07.336Z

NVD

Status : Analyzed

Published: 2024-04-12T15:15:25.340

Modified: 2026-01-23T16:28:25.470

Link: CVE-2024-30406

Redhat

No data.

OpenCVE Enrichment

Updated: 2025-07-12T22:09:44Z

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required High

Attack Requirements None

User Interaction Passive

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact None

Subsequent System Confidentiality Impact High

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction Required

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required High

Attack Requirements None

User Interaction Passive

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact None

Vulnerable System Availability Impact None

Subsequent System Confidentiality Impact High

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction Required

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object