Lucene search

K
cvelistJuniperCVELIST:CVE-2023-36846
HistoryAug 17, 2023 - 7:18 p.m.

CVE-2023-36846 Junos OS: SRX Series: A vulnerability in J-Web allows an unauthenticated attacker to upload arbitrary files

2023-08-1719:18:00
CWE-306
juniper
www.cve.org
3
juniper networks
junos os
srx series
vulnerability
unauthenticated
upload
arbitrary files
j-web
file system integrity

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

AI Score

7.9

Confidence

High

EPSS

0.008

Percentile

82.2%

A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity.

With a specific request to user.php that doesnā€™t require authentication an attacker is able to upload arbitrary files via J-Web, leading to a loss of

integrity

for a certain

part of theĀ file system, which may allow chaining to other vulnerabilities.

This issue affects Juniper Networks Junos OS on SRX Series:

  • All versions prior to 20.4R3-S8;
  • 21.1 versions 21.1R1 and later;
  • 21.2 versions prior to 21.2R3-S6;
  • 21.3 versions

prior to

21.3R3-S5;

  • 21.4 versions

prior to

21.4R3-S5;

  • 22.1 versions

prior to

22.1R3-S3;

  • 22.2 versions

prior to

22.2R3-S2;

  • 22.3 versions

prior to

22.3R2-S2, 22.3R3;

  • 22.4 versions

prior to

22.4R2-S1, 22.4R3.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "SRX Series"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "20.4R3-S8",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      },
      {
        "lessThan": "21.1*",
        "status": "affected",
        "version": "21.1",
        "versionType": "semver"
      },
      {
        "lessThan": "21.2R3-S6",
        "status": "affected",
        "version": "21.2",
        "versionType": "semver"
      },
      {
        "lessThan": "21.3R3-S5",
        "status": "affected",
        "version": "21.3",
        "versionType": "semver"
      },
      {
        "lessThan": "21.4R3-S5",
        "status": "affected",
        "version": "21.4",
        "versionType": "semver"
      },
      {
        "lessThan": "22.1R3-S3",
        "status": "affected",
        "version": "22.1",
        "versionType": "semver"
      },
      {
        "lessThan": "22.2R3-S2",
        "status": "affected",
        "version": "22.2",
        "versionType": "semver"
      },
      {
        "lessThan": "22.3R2-S2, 22.3R3",
        "status": "affected",
        "version": "22.3",
        "versionType": "semver"
      },
      {
        "lessThan": "22.4R2-S1, 22.4R3",
        "status": "affected",
        "version": "22.4",
        "versionType": "semver"
      }
    ]
  }
]

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

AI Score

7.9

Confidence

High

EPSS

0.008

Percentile

82.2%