CVE-2024-21589 – Paragon Active Assurance Control Center: Information disclosure vulnerability

https://notcve.org/view.php?id=CVE-2024-21589

12 Jan 2024 — An Improper Access Control vulnerability in the Juniper Networks Paragon Active Assurance Control Center allows an unauthenticated network-based attacker to access reports without authenticating, potentially containing sensitive configuration information. A feature was introduced in version 3.1.0 of the Paragon Active Assurance Control Center which allows users to selectively share account data. By exploiting this vulnerability, it is possible to access reports without being logged in, resulting in the oppo... • https://supportportal.juniper.net/JSA75727 • CWE-284: Improper Access Control •