CVE-2024-39565

🗓️ 10 Jul 2024 22:55:27Reported by juniperType

An XPath Injection vulnerability in J-Web of Juniper Networks Junos OS allows unauthenticated attackers to execute remote commands and gain full control over the device

Reporter	Title	Published	Views	Family All 8
Circl	CVE-2024-39565	11 Jul 202401:35	–	circl
CNNVD	Juniper Networks Junos OS Security Vulnerability	10 Jul 202400:00	–	cnnvd
Cvelist	CVE-2024-39565 Junos OS: J-Web: An unauthenticated, network-based attacker can perform XPATH injection attack against a device.	10 Jul 202422:55	–	cvelist
EUVD	EUVD-2024-38090	3 Oct 202520:07	–	euvd
Tenable Nessus	Juniper Junos OS Vulnerability (JSA83023)	10 Jul 202400:00	–	nessus
NVD	CVE-2024-39565	10 Jul 202423:15	–	nvd
OSV	CVE-2024-39565	10 Jul 202423:15	–	osv
Vulnrichment	CVE-2024-39565 Junos OS: J-Web: An unauthenticated, network-based attacker can perform XPATH injection attack against a device.	10 Jul 202422:55	–	vulnrichment

NVD

Vulners

Vulnrichment

Node

juniper j-webMatch-

juniper junosRange<21.2

juniper junosMatch21.2-

juniper junosMatch21.2r1

juniper junosMatch21.2r1-s1

juniper junosMatch21.2r1-s2

juniper junosMatch21.2r2

juniper junosMatch21.2r2-s1

juniper junosMatch21.2r2-s2

juniper junosMatch21.2r3

juniper junosMatch21.2r3-s1

juniper junosMatch21.2r3-s2

juniper junosMatch21.2r3-s3

juniper junosMatch21.2r3-s4

juniper junosMatch21.2r3-s5

juniper junosMatch21.2r3-s6

juniper junosMatch21.2r3-s7

juniper junosMatch21.4-

juniper junosMatch21.4r1

juniper junosMatch21.4r1-s1

juniper junosMatch21.4r1-s2

juniper junosMatch21.4r2

juniper junosMatch21.4r2-s1

juniper junosMatch21.4r2-s2

juniper junosMatch21.4r3

juniper junosMatch21.4r3-s1

juniper junosMatch21.4r3-s2

juniper junosMatch21.4r3-s3

juniper junosMatch21.4r3-s4

juniper junosMatch21.4r3-s5

juniper junosMatch21.4r3-s6

juniper junosMatch22.2-

juniper junosMatch22.2r1

juniper junosMatch22.2r1-s1

juniper junosMatch22.2r1-s2

juniper junosMatch22.2r2

juniper junosMatch22.2r2-s1

juniper junosMatch22.2r2-s2

juniper junosMatch22.2r3

juniper junosMatch22.2r3-s1

juniper junosMatch22.2r3-s2

juniper junosMatch22.2r3-s3

juniper junosMatch22.3-

juniper junosMatch22.3r1

juniper junosMatch22.3r1-s1

juniper junosMatch22.3r1-s2

juniper junosMatch22.3r2

juniper junosMatch22.3r2-s1

juniper junosMatch22.3r2-s2

juniper junosMatch22.3r3

juniper junosMatch22.3r3-s1

juniper junosMatch22.3r3-s2

juniper junosMatch22.4-

juniper junosMatch22.4r1

juniper junosMatch22.4r1-s1

juniper junosMatch22.4r1-s2

juniper junosMatch22.4r2

juniper junosMatch22.4r2-s1

juniper junosMatch22.4r2-s2

juniper junosMatch22.4r3

juniper junosMatch22.4r3-s1

juniper junosMatch23.2-

juniper junosMatch23.2r1

juniper junosMatch23.2r1-s1

juniper junosMatch23.2r1-s2

juniper junosMatch23.4-

juniper junosMatch23.4r1

juniper junosMatch23.4r2

AND

juniper ex2300Match-

juniper ex2300-cMatch-

juniper ex3400Match-

juniper ex4000Match-

juniper ex4100Match-

juniper ex4100-fMatch-

juniper ex4100-hMatch-

juniper ex4300Match-

juniper ex4400Match-

juniper ex4600Match-

juniper ex4650Match-

juniper ex9204Match-

juniper ex9208Match-

juniper ex9214Match-

juniper srx1500Match-

juniper srx1600Match-

juniper srx2300Match-

juniper srx300Match-

juniper srx320Match-

juniper srx340Match-

juniper srx345Match-

juniper srx380Match-

juniper srx4100Match-

juniper srx4120Match-

juniper srx4200Match-

juniper srx4300Match-

juniper srx4600Match-

juniper srx4700Match-

juniper srx5400Match-

juniper srx5600Match-

juniper srx5800Match-

[
  {
    "defaultStatus": "unaffected",
    "product": "Junos OS",
    "vendor": "Juniper Networks, Inc.",
    "versions": [
      {
        "lessThan": "21.2R3-S8",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      },
      {
        "lessThan": "21.4R3-S7",
        "status": "affected",
        "version": "21.4",
        "versionType": "semver"
      },
      {
        "lessThan": "22.2R3-S4",
        "status": "affected",
        "version": "22.2",
        "versionType": "semver"
      },
      {
        "lessThan": "22.3R3-S3",
        "status": "affected",
        "version": "22.3",
        "versionType": "semver"
      },
      {
        "lessThan": "22.4R3-S2",
        "status": "affected",
        "version": "22.4",
        "versionType": "semver"
      },
      {
        "lessThan": "23.2R2",
        "status": "affected",
        "version": "23.2",
        "versionType": "semver"
      },
      {
        "lessThan": "23.4R1-S1, 23.4R2",
        "status": "affected",
        "version": "23.4",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
first	www.first.org/cvss/calculator/v4-0
support	www.support.juniper.net/support/downloads/
supportportal	www.supportportal.juniper.net/JSA83023

22 Jan 2026 21:19Current

9High risk

Vulners AI Score9

CVSS 47.7

CVSS 3.18.8

EPSS0.00637

SSVC

CWE-643