{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2023-28972", "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "assignerShortName": "juniper", "dateUpdated": "2025-02-26T19:20:42.081Z", "dateReserved": "2023-03-29T00:00:00.000Z", "datePublished": "2023-04-17T00:00:00.000Z"}, "containers": {"cna": {"title": "Junos OS: NFX Series: 'set system ports console insecure' allows root password recovery", "datePublic": "2023-04-12T00:00:00.000Z", "providerMetadata": {"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper", "dateUpdated": "2023-04-17T00:00:00.000Z"}, "descriptions": [{"lang": "en", "value": "An Improper Link Resolution Before File Access vulnerability in console port access of Juniper Networks Junos OS on NFX Series allows an attacker to bypass console access controls. When \"set system ports console insecure\" is enabled, root login is disallowed for Junos OS as expected. However, the root password can be changed using \"set system root-authentication plain-text-password\" on NFX Series systems, leading to a possible administrative bypass with physical access to the console. Password recovery, changing the root password from a console, should not have been allowed from an insecure console. This is similar to the vulnerability described in CVE-2019-0035 but affects different platforms and in turn requires a different fix. This issue affects Juniper Networks Junos OS on NFX Series: 19.2 versions prior to 19.2R3-S7; 19.3 versions prior to 19.3R3-S8; 19.4 versions prior to 19.4R3-S12; 20.2 versions prior to 20.2R3-S8; 20.4 versions prior to 20.4R3-S7; 21.1 versions prior to 21.1R3-S5; 21.2 versions prior to 21.2R3-S4; 21.3 versions prior to 21.3R3-S3; 21.4 versions prior to 21.4R3-S2; 22.1 versions prior to 22.1R3-S1; 22.2 versions prior to 22.2R2-S1, 22.2R3; 22.3 versions prior to 22.3R1-S2, 22.3R2."}], "affected": [{"vendor": "Juniper Networks", "product": "Junos OS", "versions": [{"version": "19.2", "status": "affected", "lessThan": "19.2R3-S7", "versionType": "custom"}, {"version": "19.3", "status": "affected", "lessThan": "19.3R3-S8", "versionType": "custom"}, {"version": "19.4", "status": "affected", "lessThan": "19.4R3-S12", "versionType": "custom"}, {"version": "20.2", "status": "affected", "lessThan": "20.2R3-S8", "versionType": "custom"}, {"version": "20.4", "status": "affected", "lessThan": "20.4R3-S7", "versionType": "custom"}, {"version": "21.1", "status": "affected", "lessThan": "21.1R3-S5", "versionType": "custom"}, {"version": "21.2", "status": "affected", "lessThan": "21.2R3-S4", "versionType": "custom"}, {"version": "21.3", "status": "affected", "lessThan": "21.3R3-S3", "versionType": "custom"}, {"version": "21.4", "status": "affected", "lessThan": "21.4R3-S2", "versionType": "custom"}, {"version": "22.1", "status": "affected", "lessThan": "22.1R3-S1", "versionType": "custom"}, {"version": "22.2", "status": "affected", "lessThan": "22.2R2-S1, 22.2R3", "versionType": "custom"}, {"version": "22.3", "status": "affected", "lessThan": "22.3R1-S2, 22.3R2", "versionType": "custom"}], "platforms": ["NFX Series"]}], "references": [{"url": "https://supportportal.juniper.net/JSA70596"}], "credits": [{"lang": "en", "value": "Juniper SIRT would like to acknowledge and thank Petri Saarenmaa from Netum for responsibly reporting this vulnerability."}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "PHYSICAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-59 Improper Link Resolution Before File Access ('Link Following')", "cweId": "CWE-59"}]}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "source": {"advisory": "JSA70596", "defect": ["1669072"], "discovery": "EXTERNAL"}, "workarounds": [{"lang": "en", "value": "Limit console access to the device to only trusted administrators."}], "exploits": [{"lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "solutions": [{"lang": "en", "value": "The following software releases have been updated to resolve this specific issue: 19.2R3-S7, 19.3R3-S8, 19.4R3-S12, 20.4R3-S7, 21.1R3-S5, 21.2R3-S4, 21.3R3-S3, 21.4R3-S2, 22.1R3-S1, 22.2R2-S1, 22.2R3, 22.3R1-S2, 22.3R2, 22.4R1, and all subsequent releases.\n"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T13:51:38.970Z"}, "title": "CVE Program Container", "references": [{"url": "https://supportportal.juniper.net/JSA70596", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-02-12T18:59:24.316486Z", "id": "CVE-2023-28972", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-26T19:20:42.081Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2023-28972", "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "assignerShortName": "juniper", "dateUpdated": "2025-02-26T19:20:42.081Z", "dateReserved": "2023-03-29T00:00:00.000Z", "datePublished": "2023-04-17T00:00:00.000Z"}, "containers": {"cna": {"title": "Junos OS: NFX Series: 'set system ports console insecure' allows root password recovery", "datePublic": "2023-04-12T00:00:00.000Z", "providerMetadata": {"orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968", "shortName": "juniper", "dateUpdated": "2023-04-17T00:00:00.000Z"}, "descriptions": [{"lang": "en", "value": "An Improper Link Resolution Before File Access vulnerability in console port access of Juniper Networks Junos OS on NFX Series allows an attacker to bypass console access controls. When \"set system ports console insecure\" is enabled, root login is disallowed for Junos OS as expected. However, the root password can be changed using \"set system root-authentication plain-text-password\" on NFX Series systems, leading to a possible administrative bypass with physical access to the console. Password recovery, changing the root password from a console, should not have been allowed from an insecure console. This is similar to the vulnerability described in CVE-2019-0035 but affects different platforms and in turn requires a different fix. This issue affects Juniper Networks Junos OS on NFX Series: 19.2 versions prior to 19.2R3-S7; 19.3 versions prior to 19.3R3-S8; 19.4 versions prior to 19.4R3-S12; 20.2 versions prior to 20.2R3-S8; 20.4 versions prior to 20.4R3-S7; 21.1 versions prior to 21.1R3-S5; 21.2 versions prior to 21.2R3-S4; 21.3 versions prior to 21.3R3-S3; 21.4 versions prior to 21.4R3-S2; 22.1 versions prior to 22.1R3-S1; 22.2 versions prior to 22.2R2-S1, 22.2R3; 22.3 versions prior to 22.3R1-S2, 22.3R2."}], "affected": [{"vendor": "Juniper Networks", "product": "Junos OS", "versions": [{"version": "19.2", "status": "affected", "lessThan": "19.2R3-S7", "versionType": "custom"}, {"version": "19.3", "status": "affected", "lessThan": "19.3R3-S8", "versionType": "custom"}, {"version": "19.4", "status": "affected", "lessThan": "19.4R3-S12", "versionType": "custom"}, {"version": "20.2", "status": "affected", "lessThan": "20.2R3-S8", "versionType": "custom"}, {"version": "20.4", "status": "affected", "lessThan": "20.4R3-S7", "versionType": "custom"}, {"version": "21.1", "status": "affected", "lessThan": "21.1R3-S5", "versionType": "custom"}, {"version": "21.2", "status": "affected", "lessThan": "21.2R3-S4", "versionType": "custom"}, {"version": "21.3", "status": "affected", "lessThan": "21.3R3-S3", "versionType": "custom"}, {"version": "21.4", "status": "affected", "lessThan": "21.4R3-S2", "versionType": "custom"}, {"version": "22.1", "status": "affected", "lessThan": "22.1R3-S1", "versionType": "custom"}, {"version": "22.2", "status": "affected", "lessThan": "22.2R2-S1, 22.2R3", "versionType": "custom"}, {"version": "22.3", "status": "affected", "lessThan": "22.3R1-S2, 22.3R2", "versionType": "custom"}], "platforms": ["NFX Series"]}], "references": [{"url": "https://supportportal.juniper.net/JSA70596"}], "credits": [{"lang": "en", "value": "Juniper SIRT would like to acknowledge and thank Petri Saarenmaa from Netum for responsibly reporting this vulnerability."}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "PHYSICAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-59 Improper Link Resolution Before File Access ('Link Following')", "cweId": "CWE-59"}]}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "source": {"advisory": "JSA70596", "defect": ["1669072"], "discovery": "EXTERNAL"}, "workarounds": [{"lang": "en", "value": "Limit console access to the device to only trusted administrators."}], "exploits": [{"lang": "en", "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability."}], "solutions": [{"lang": "en", "value": "The following software releases have been updated to resolve this specific issue: 19.2R3-S7, 19.3R3-S8, 19.4R3-S12, 20.4R3-S7, 21.1R3-S5, 21.2R3-S4, 21.3R3-S3, 21.4R3-S2, 22.1R3-S1, 22.2R2-S1, 22.2R3, 22.3R1-S2, 22.3R2, 22.4R1, and all subsequent releases.\n"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T13:51:38.970Z"}, "title": "CVE Program Container", "references": [{"url": "https://supportportal.juniper.net/JSA70596", "tags": ["x_transferred"]}]}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-28972", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-02-12T18:59:24.316486Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-26T19:20:36.320Z"}}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:junos:19.2:-:*:*:*:*:*:*", "matchCriteriaId": "0E7545CE-6300-4E81-B5AF-2BE150C1B190", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:r1:*:*:*:*:*:*", "matchCriteriaId": "4CA3060F-1800-4A06-A453-FB8CE4B65312", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "9A5B337A-727C-4767-AD7B-E0F7F99EB46F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "16FDE60B-7A99-4683-BC14-530B5B005F8B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:r1-s3:*:*:*:*:*:*", "matchCriteriaId": "725D8C27-E4F8-4394-B4EC-B49B6D3C2709", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:r1-s4:*:*:*:*:*:*", "matchCriteriaId": "8233C3AB-470E-4D13-9BFD-C9E90918FD0B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:r1-s5:*:*:*:*:*:*", "matchCriteriaId": "5F7A233A-D4F6-46FA-92E9-2ACE13E4A6A4", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:r1-s6:*:*:*:*:*:*", "matchCriteriaId": "ADCE4EA8-DDBA-4766-BB81-E4DA29723723", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:r1-s7:*:*:*:*:*:*", "matchCriteriaId": "2849078A-447A-4615-94E1-58AF450ED22A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:r1-s8:*:*:*:*:*:*", "matchCriteriaId": "C2C625B6-25ED-4F6C-A778-6AB7FA7901CD", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:r1-s9:*:*:*:*:*:*", "matchCriteriaId": "84EC3EE0-F1D9-4CBB-B3FA-83C05C50EB5B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:r2:*:*:*:*:*:*", "matchCriteriaId": "7C71D2FA-B1A4-4004-807F-7B3BB347DF4C", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "9E78E854-DDD3-4D1A-97AB-AEA70B9B811F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:r3:*:*:*:*:*:*", "matchCriteriaId": "512FB3D1-BA5B-4F73-BDB2-49D6889F5473", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:r3-s1:*:*:*:*:*:*", "matchCriteriaId": "7FCBFF57-83A1-4C1C-A38D-7DAB48BCA2EC", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:r3-s2:*:*:*:*:*:*", "matchCriteriaId": "920FE638-BDE6-403D-9083-2BDBF6A3326F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:r3-s3:*:*:*:*:*:*", "matchCriteriaId": "E38CD1E2-41F5-42D1-B915-055A497C576A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:r3-s4:*:*:*:*:*:*", "matchCriteriaId": "0C816B9A-F152-4E5F-8152-73635840A89A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:r3-s5:*:*:*:*:*:*", "matchCriteriaId": "6E0EA9DA-2DAD-4FA4-8CCC-E2F3D7069305", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.2:r3-s6:*:*:*:*:*:*", "matchCriteriaId": "F56182CE-376A-4B77-BB53-1E988842AEC5", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.3:-:*:*:*:*:*:*", "matchCriteriaId": "59006503-B2CA-4F79-AC13-7C5615A74CE5", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.3:r1:*:*:*:*:*:*", "matchCriteriaId": "B8110DA9-54B1-43CF-AACB-76EABE0C9EF6", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.3:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "11B5CC5A-1959-4113-BFCF-E4BA63D918C1", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.3:r2:*:*:*:*:*:*", "matchCriteriaId": "33F08A33-EF80-4D86-9A9A-9DF147B9B6D3", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.3:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "AF24ACBD-5F84-47B2-BFF3-E9A56666269C", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.3:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "3935A586-41BD-4FA5-9596-DED6F0864777", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.3:r2-s3:*:*:*:*:*:*", "matchCriteriaId": "B83FB539-BD7C-4BEE-9022-098F73902F38", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.3:r2-s4:*:*:*:*:*:*", "matchCriteriaId": "7659AC36-A5EA-468A-9793-C1EC914D36F4", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.3:r2-s5:*:*:*:*:*:*", "matchCriteriaId": "E0E018E1-568E-40F2-ADA5-F71509811879", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.3:r2-s6:*:*:*:*:*:*", "matchCriteriaId": "122B09A3-299A-421C-9A6B-B3FEED8E19FA", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.3:r2-s7:*:*:*:*:*:*", "matchCriteriaId": "55F3E730-83F2-43C2-B6DC-77BAABB2F01D", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.3:r3:*:*:*:*:*:*", "matchCriteriaId": "B9295AF3-A883-47C3-BAF8-3D82F719733E", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.3:r3-s1:*:*:*:*:*:*", "matchCriteriaId": "F09D3262-394A-43D1-A4ED-8887FCB20F87", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.3:r3-s2:*:*:*:*:*:*", "matchCriteriaId": "D3FEA876-302D-4F07-94E6-237C669538F2", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.3:r3-s3:*:*:*:*:*:*", "matchCriteriaId": "B011854A-932C-4D5C-B469-71F72608DFCB", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.3:r3-s4:*:*:*:*:*:*", "matchCriteriaId": "94A44054-B47B-453C-BF0F-9E071EFF6542", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.3:r3-s5:*:*:*:*:*:*", "matchCriteriaId": "CA3A4806-59AB-43D6-BFE3-A6DCE098335C", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.3:r3-s6:*:*:*:*:*:*", "matchCriteriaId": "45DA4D89-1362-421F-8218-585CE5D60E81", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.3:r3-s7:*:*:*:*:*:*", "matchCriteriaId": "EEA350A8-9441-496C-A86C-0D209190A178", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:-:*:*:*:*:*:*", "matchCriteriaId": "9B342307-98CF-45C9-9F08-5EB06C679B79", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r1:*:*:*:*:*:*", "matchCriteriaId": "DC743EE4-8833-452A-94DB-655BF139F883", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "FE96A8EA-FFE3-4D8F-9266-21899149D634", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "C12A75C6-2D00-4202-B861-00FF71585FA0", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r1-s3:*:*:*:*:*:*", "matchCriteriaId": "70FF3DD4-14CB-435D-8529-0480EB853F60", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r1-s4:*:*:*:*:*:*", "matchCriteriaId": "84429093-AB3C-4C05-B8FA-87D94091820F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r2:*:*:*:*:*:*", "matchCriteriaId": "4DCFA774-96EF-4018-82CF-95C807025C24", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "76022948-4B07-43CB-824C-44E1AB3537CB", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "25446F60-5CB9-4923-BCE8-609AE3CFDFBC", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r2-s3:*:*:*:*:*:*", "matchCriteriaId": "A23E5CEA-EFF5-4641-BC47-BA2D0859F0EE", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r2-s4:*:*:*:*:*:*", "matchCriteriaId": "760E2418-B945-4467-BDAC-7702DDF4C4EE", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r2-s5:*:*:*:*:*:*", "matchCriteriaId": "98097AB6-56CB-42E4-96B4-ABBD4F36553C", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r2-s6:*:*:*:*:*:*", "matchCriteriaId": "7844B380-7986-4B71-B1AE-22D46E5007D1", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r2-s7:*:*:*:*:*:*", "matchCriteriaId": "7EF24AFC-D359-4132-A133-1F6680F7BE46", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r3:*:*:*:*:*:*", "matchCriteriaId": "758275F3-9457-45A2-8F57-65DCD659FC1B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r3-s1:*:*:*:*:*:*", "matchCriteriaId": "B46CB928-78B5-4D60-B747-9A0988C7060D", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r3-s10:*:*:*:*:*:*", "matchCriteriaId": "7F449CD5-9D3D-4D99-8A6F-8C7946A4F2D0", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r3-s11:*:*:*:*:*:*", "matchCriteriaId": "D85FF739-F299-479A-82F1-DB6788F3D4DE", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r3-s2:*:*:*:*:*:*", "matchCriteriaId": "ED73BF1A-96E4-49F1-A6AA-7B29DAA6C112", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r3-s3:*:*:*:*:*:*", "matchCriteriaId": "0886EFA6-47E3-4C1D-A278-D3891A487FED", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r3-s4:*:*:*:*:*:*", "matchCriteriaId": "A209EE6F-E676-4172-8FF3-4E03748DEB13", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r3-s5:*:*:*:*:*:*", "matchCriteriaId": "EC395200-9A69-468A-8461-D2219B34AA0E", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r3-s6:*:*:*:*:*:*", "matchCriteriaId": "08584FCD-4593-4590-A988-C862295E618A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r3-s7:*:*:*:*:*:*", "matchCriteriaId": "1BF7792C-51FF-4C6E-B5E7-F87738FE4B35", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r3-s8:*:*:*:*:*:*", "matchCriteriaId": "E69B0ED4-898D-4D7A-9711-8DB00EE3197B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:19.4:r3-s9:*:*:*:*:*:*", "matchCriteriaId": "1BBF56BB-939A-4E38-BD9E-E3198E70F8E3", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:-:*:*:*:*:*:*", "matchCriteriaId": "D4CF52CF-F911-4615-9171-42F84429149F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r1:*:*:*:*:*:*", "matchCriteriaId": "CD07B7E2-F5C2-4610-9133-FDA9E66DFF4F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "D3C23AEB-34DE-44FB-8D64-E69D6E8B7401", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "18DB9401-5A51-4BB3-AC2F-58F58F1C788C", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r1-s3:*:*:*:*:*:*", "matchCriteriaId": "06F53DA5-59AE-403C-9B1E-41CE267D8BB1", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r2:*:*:*:*:*:*", "matchCriteriaId": "3332262F-81DA-4D78-99C9-514CADA46611", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "B46B63A2-1518-4A29-940C-F05624C9658D", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "8E0D4959-3865-42A7-98CD-1103EBD84528", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r2-s3:*:*:*:*:*:*", "matchCriteriaId": "3A58292B-814C-49E7-8D6D-BE26EFB9ADDF", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r3:*:*:*:*:*:*", "matchCriteriaId": "681AE183-7183-46E7-82EA-28C398FA1C3D", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r3-s1:*:*:*:*:*:*", "matchCriteriaId": "8A6E9627-8BF1-4BE8-844B-EE8F1C9478F0", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r3-s2:*:*:*:*:*:*", "matchCriteriaId": "0A80F23B-CD13-4745-BA92-67C23B297A18", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r3-s3:*:*:*:*:*:*", "matchCriteriaId": "67D4004B-1233-4258-9C7A-F05189146B44", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r3-s4:*:*:*:*:*:*", "matchCriteriaId": "69E33F24-D480-4B5F-956D-D435A551CBE7", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r3-s5:*:*:*:*:*:*", "matchCriteriaId": "6E5E3FDB-3F33-4686-9B64-0152AD41939D", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r3-s6:*:*:*:*:*:*", "matchCriteriaId": "9C411A2E-A407-44E5-A2B2-3D049FB2DB4D", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.2:r3-s7:*:*:*:*:*:*", "matchCriteriaId": "AA7259B5-6BDC-4CB8-AB81-2375803E42E3", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:-:*:*:*:*:*:*", "matchCriteriaId": "3D361B23-A3C2-444B-BEB8-E231DA950567", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:*", "matchCriteriaId": "20DDC6B7-BFC4-4F0B-8E68-442C23765BF2", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "037BA01C-3F5C-4503-A633-71765E9EF774", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r2:*:*:*:*:*:*", "matchCriteriaId": "C54B047C-4B38-40C0-9855-067DCF7E48BD", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "38984199-E332-4A9C-A4C0-78083D052E15", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "AA6526FB-2941-4D18-9B2E-472AD5A62A53", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r3:*:*:*:*:*:*", "matchCriteriaId": "09876787-A40A-4340-9C12-8628C325353B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s1:*:*:*:*:*:*", "matchCriteriaId": "41615104-C17E-44DA-AB0D-6E2053BD4EF4", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s2:*:*:*:*:*:*", "matchCriteriaId": "1981DE38-36B5-469D-917E-92717EE3ED53", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s3:*:*:*:*:*:*", "matchCriteriaId": "AFA68ACD-AAE5-4577-B734-23AAF77BC85A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s4:*:*:*:*:*:*", "matchCriteriaId": "65948ABC-22BB-46D5-8545-0806EDB4B86E", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s5:*:*:*:*:*:*", "matchCriteriaId": "283E41CB-9A90-4521-96DC-F31AA592CFD8", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:20.4:r3-s6:*:*:*:*:*:*", "matchCriteriaId": "14EEA504-CBC5-4F6F-889A-D505EC4BB5B1", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:-:*:*:*:*:*:*", "matchCriteriaId": "6FDB5B7D-FB37-47E3-8678-B9ED578CCA5F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r1:*:*:*:*:*:*", "matchCriteriaId": "625BA7E6-D2AD-4A48-9B94-24328BE5B06A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "F462F4E3-762C-429F-8D25-5521100DD37C", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r2:*:*:*:*:*:*", "matchCriteriaId": "C0BC9DAC-D6B5-4C5E-8C73-6E550D9A30F5", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "689FE1AE-7A85-4FB6-AB02-E732F23581B6", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "79E56DAC-75AD-4C81-9835-634B40C15DA6", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r3:*:*:*:*:*:*", "matchCriteriaId": "A0040FE2-7ECD-4755-96CE-E899BA298E0C", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s1:*:*:*:*:*:*", "matchCriteriaId": "076AB086-BB79-4583-AAF7-A5233DFB2F95", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s2:*:*:*:*:*:*", "matchCriteriaId": "72E2DDF6-01DF-4880-AB60-B3DA3281E88D", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s3:*:*:*:*:*:*", "matchCriteriaId": "54010163-0810-4CF5-95FE-7E62BC6CA4F9", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.1:r3-s4:*:*:*:*:*:*", "matchCriteriaId": "5C1C3B09-3800-493E-A319-57648305FE6E", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:-:*:*:*:*:*:*", "matchCriteriaId": "216E7DDE-453D-481F-92E2-9F8466CDDA3F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r1:*:*:*:*:*:*", "matchCriteriaId": "A52AF794-B36B-43A6-82E9-628658624B0A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "3998DC76-F72F-4452-9150-652140B113EB", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "36ED4552-2420-45F9-B6E4-6DA2B2B12870", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r2:*:*:*:*:*:*", "matchCriteriaId": "C28A14E7-7EA0-4757-9764-E39A27CFDFA5", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "4A43752D-A4AF-4B4E-B95B-192E42883A5B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "42986538-E9D0-4C2E-B1C4-A763A4EE451B", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r3:*:*:*:*:*:*", "matchCriteriaId": "DE22CA01-EA7E-4EE5-B59F-EE100688C1DA", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s1:*:*:*:*:*:*", "matchCriteriaId": "E596ABD9-6ECD-48DC-B770-87B7E62EA345", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s2:*:*:*:*:*:*", "matchCriteriaId": "71745D02-D226-44DC-91AD-678C85F5E6FC", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.2:r3-s3:*:*:*:*:*:*", "matchCriteriaId": "39E44B09-7310-428C-8144-AE9DB0484D1F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:-:*:*:*:*:*:*", "matchCriteriaId": "2E7D597D-F6B6-44C3-9EBC-4FA0686ACB5C", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:r1:*:*:*:*:*:*", "matchCriteriaId": "CC78A4CB-D617-43FC-BB51-287D2D0C44ED", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "30FF67F8-1E3C-47A8-8859-709B3614BA6E", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "0C7C507E-C85E-4BC6-A3B0-549516BAB524", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:r2:*:*:*:*:*:*", "matchCriteriaId": "6514CDE8-35DC-469F-89A3-078684D18F7A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "4624565D-8F59-44A8-B7A8-01AD579745E7", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "4BF8CD82-C338-4D9A-8C98-FCB3CEAA9227", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:r3:*:*:*:*:*:*", "matchCriteriaId": "57E08E70-1AF3-4BA5-9A09-06DFE9663ADE", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s1:*:*:*:*:*:*", "matchCriteriaId": "255B6F20-D32F-42C1-829C-AE9C7923558A", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.3:r3-s2:*:*:*:*:*:*", "matchCriteriaId": "90AE30DB-C448-4FE9-AC11-FF0F27CDA227", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:-:*:*:*:*:*:*", "matchCriteriaId": "79ED3CE8-CC57-43AB-9A26-BBC87816062D", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r1:*:*:*:*:*:*", "matchCriteriaId": "4310D2D9-A8A6-48F8-9384-0A0692A1E1C3", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "9962B01C-C57C-4359-9532-676AB81CE8B0", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "62178549-B679-4902-BFDB-2993803B7FCE", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r2:*:*:*:*:*:*", "matchCriteriaId": "9AD697DF-9738-4276-94ED-7B9380CD09F5", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "09FF5818-0803-4646-A386-D7C645EE58A3", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "2229FA59-EB24-49A2-85CE-F529A8DE6BA7", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r3:*:*:*:*:*:*", "matchCriteriaId": "0CB280D8-C5D8-4B51-A879-496ACCDE4538", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:21.4:r3-s1:*:*:*:*:*:*", "matchCriteriaId": "5F3F54F1-75B3-400D-A735-2C27C8CEBE79", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.1:r1:*:*:*:*:*:*", "matchCriteriaId": "3F96EBE9-2532-4E35-ABA5-CA68830476A4", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "B4D936AE-FD74-4823-A824-2D9F24C25BFB", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.1:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "E117E493-F4E1-4568-88E3-F243C74A2662", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.1:r2:*:*:*:*:*:*", "matchCriteriaId": "01E3E308-FD9C-4686-8C35-8472A0E99F0D", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.1:r2-s1:*:*:*:*:*:*", "matchCriteriaId": "3683A8F5-EE0E-4936-A005-DF7F6B75DED3", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.1:r2-s2:*:*:*:*:*:*", "matchCriteriaId": "1B615DBA-8C53-41D4-B264-D3EED8578471", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.1:r3:*:*:*:*:*:*", "matchCriteriaId": "B3124DD0-9E42-4896-9060-CB7DD07FC342", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.2:r1:*:*:*:*:*:*", "matchCriteriaId": "E949B21B-AD62-4022-9088-06313277479E", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "8D862E6F-0D01-4B25-8340-888C30F75A2F", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.2:r1-s2:*:*:*:*:*:*", "matchCriteriaId": "2F28F73E-8563-41B9-A313-BBAAD5B57A67", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.2:r2:*:*:*:*:*:*", "matchCriteriaId": "E37D4694-C80B-475E-AB5B-BB431F59C5E1", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.3:r1:*:*:*:*:*:*", "matchCriteriaId": "19519212-51DD-4448-B115-8A20A40192CC", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:junos:22.3:r1-s1:*:*:*:*:*:*", "matchCriteriaId": "5CC9909E-AE9F-414D-99B1-83AA04D5297B", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:juniper:nfx150:-:*:*:*:*:*:*:*", "matchCriteriaId": "D9AE81FA-B0F3-4F0B-A2D1-2BB590345058", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:nfx250:-:*:*:*:*:*:*:*", "matchCriteriaId": "7EB08A27-7777-4538-ADC4-9D2F89963C13", "vulnerable": false}, {"criteria": "cpe:2.3:h:juniper:nfx350:-:*:*:*:*:*:*:*", "matchCriteriaId": "6CB56048-A486-4A46-B438-CC3084BD9CB6", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "An Improper Link Resolution Before File Access vulnerability in console port access of Juniper Networks Junos OS on NFX Series allows an attacker to bypass console access controls. When \"set system ports console insecure\" is enabled, root login is disallowed for Junos OS as expected. However, the root password can be changed using \"set system root-authentication plain-text-password\" on NFX Series systems, leading to a possible administrative bypass with physical access to the console. Password recovery, changing the root password from a console, should not have been allowed from an insecure console. This is similar to the vulnerability described in CVE-2019-0035 but affects different platforms and in turn requires a different fix. This issue affects Juniper Networks Junos OS on NFX Series: 19.2 versions prior to 19.2R3-S7; 19.3 versions prior to 19.3R3-S8; 19.4 versions prior to 19.4R3-S12; 20.2 versions prior to 20.2R3-S8; 20.4 versions prior to 20.4R3-S7; 21.1 versions prior to 21.1R3-S5; 21.2 versions prior to 21.2R3-S4; 21.3 versions prior to 21.3R3-S3; 21.4 versions prior to 21.4R3-S2; 22.1 versions prior to 22.1R3-S1; 22.2 versions prior to 22.2R2-S1, 22.2R3; 22.3 versions prior to 22.3R1-S2, 22.3R2."}], "id": "CVE-2023-28972", "lastModified": "2024-11-21T07:56:18.957", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 5.9, "source": "sirt@juniper.net", "type": "Secondary"}]}, "published": "2023-04-17T22:15:09.140", "references": [{"source": "sirt@juniper.net", "tags": ["Vendor Advisory"], "url": "https://supportportal.juniper.net/JSA70596"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://supportportal.juniper.net/JSA70596"}], "sourceIdentifier": "sirt@juniper.net", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-59"}], "source": "sirt@juniper.net", "type": "Secondary"}]}

{}

{}