Lucene search

JuniperCVELIST:CVE-2023-36851

HistorySep 26, 2023 - 7:53 p.m.

CVE-2023-36851 Junos OS: SRX Series: A vulnerability in J-Web allows an unauthenticated attacker to upload and download arbitrary files

2023-09-2619:53:17

CWE-306

juniper

www.cve.org

junos os

srx series

unauthenticated attacker

file upload

file download

j-web

integrity loss

confidentiality

cve-2023-36851

vulnerability

juniper networks

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

AI Score

6.2

Confidence

High

EPSS

0.006

Percentile

78.9%

JSON

A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity.

With a specific request to

webauth_operation.php

that doesn’t require authentication, an attacker is able to upload and download arbitrary files via J-Web, leading to a loss of

integrity or confidentiality, which may allow chaining to other vulnerabilities.

This issue affects Juniper Networks Junos OS on SRX Series:

21.2 versions prior to 21.2R3-S8;

21.4

versions prior to

21.4R3-S6;

22.1

versions prior to

22.1R3-S5;

22.2

versions prior to

22.2R3-S3;

22.3

versions prior to

22.3R3-S2;

22.4 versions prior to 22,4R2-S2, 22.4R3;
23.2 versions prior to

23.2R1-S2, 23.2R2.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "SRX Series"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "21.2R3-S8",
        "status": "affected",
        "version": "21.2",
        "versionType": "semver"
      },
      {
        "lessThan": "21.4R3-S6",
        "status": "affected",
        "version": "21.4",
        "versionType": "semver"
      },
      {
        "lessThan": "22.1R3-S5",
        "status": "affected",
        "version": "22.1",
        "versionType": "semver"
      },
      {
        "lessThan": "22.2R3-S3",
        "status": "affected",
        "version": "22.2",
        "versionType": "semver"
      },
      {
        "lessThan": "22.3R3-S2",
        "status": "affected",
        "version": "22.3",
        "versionType": "semver"
      },
      {
        "lessThan": "22.4R2-S2, 22.4R3",
        "status": "affected",
        "version": "22.4",
        "versionType": "semver"
      },
      {
        "lessThan": "23.2R1-S2, 23.2R2",
        "status": "affected",
        "version": "23.2",
        "versionType": "semver"
      }
    ]
  }
]