CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
AI Score
Confidence
High
EPSS
Percentile
29.2%
A Path Traversal vulnerability in the J-Web component of Juniper Networks Junos OS allows an authenticated attacker to upload arbitrary files to the device by bypassing validation checks built into Junos OS. The attacker should not be able to execute the file due to validation checks built into Junos OS. Successful exploitation of this vulnerability could lead to loss of filesystem integrity. This issue affects Juniper Networks Junos OS: all versions prior to 19.1R3-S9; 19.2 versions prior to 19.2R3-S6; 19.3 versions prior to 19.3R3-S7; 19.4 versions prior to 19.4R3-S9; 20.1 versions prior to 20.1R3-S5; 20.2 versions prior to 20.2R3-S5; 20.3 versions prior to 20.3R3-S5; 20.4 versions prior to 20.4R3-S4; 21.1 versions prior to 21.1R3-S2; 21.2 versions prior to 21.2R3-S1; 21.3 versions prior to 21.3R2-S2, 21.3R3; 21.4 versions prior to 21.4R1-S2, 21.4R2-S1, 21.4R3; 22.1 versions prior to 22.1R1-S1, 22.1R2.
Vendor | Product | Version | CPE |
---|---|---|---|
juniper | junos | 21.2 | cpe:/o:juniper:junos:21.2:-:: |
juniper | junos | 19.3 | cpe:/o:juniper:junos:19.3:r3-s6:: |
juniper | junos | 19.4 | cpe:/o:juniper:junos:19.4:r2-s6:: |
juniper | junos | 21.4 | cpe:/o:juniper:junos:21.4:r1-s1:: |
juniper | junos | 19.3 | cpe:/o:juniper:junos:19.3:r2-s4:: |
juniper | junos | 19.4 | cpe:/o:juniper:junos:19.4:r1-s3:: |
juniper | junos | 19.2 | cpe:/o:juniper:junos:19.2:r3:: |
juniper | junos | 19.3 | cpe:/o:juniper:junos:19.3:r1-s1:: |
juniper | junos | 20.2 | cpe:/o:juniper:junos:20.2:r3-s2:: |
juniper | junos | 19.3 | cpe:/o:juniper:junos:19.3:r2-s6:: |
[
{
"vendor": "Juniper Networks",
"product": "Junos OS",
"versions": [
{
"version": "unspecified",
"lessThan": "19.1R3-S9",
"status": "affected",
"versionType": "custom"
},
{
"version": "19.2",
"status": "affected",
"lessThan": "19.2R3-S6",
"versionType": "custom"
},
{
"version": "19.3",
"status": "affected",
"lessThan": "19.3R3-S7",
"versionType": "custom"
},
{
"version": "19.4",
"status": "affected",
"lessThan": "19.4R3-S9",
"versionType": "custom"
},
{
"version": "20.1",
"status": "affected",
"lessThan": "20.1R3-S5",
"versionType": "custom"
},
{
"version": "20.2",
"status": "affected",
"lessThan": "20.2R3-S5",
"versionType": "custom"
},
{
"version": "20.3",
"status": "affected",
"lessThan": "20.3R3-S5",
"versionType": "custom"
},
{
"version": "20.4",
"status": "affected",
"lessThan": "20.4R3-S4",
"versionType": "custom"
},
{
"version": "21.1",
"status": "affected",
"lessThan": "21.1R3-S2",
"versionType": "custom"
},
{
"version": "21.2",
"status": "affected",
"lessThan": "21.2R3-S1",
"versionType": "custom"
},
{
"version": "21.3",
"status": "affected",
"lessThan": "21.3R2-S2, 21.3R3",
"versionType": "custom"
},
{
"version": "21.4",
"status": "affected",
"lessThan": "21.4R1-S2, 21.4R2-S1, 21.4R3",
"versionType": "custom"
},
{
"version": "22.1",
"status": "affected",
"lessThan": "22.1R1-S1, 22.1R2",
"versionType": "custom"
}
]
}
]
More