Lucene search

JuniperCVELIST:CVE-2024-21591

HistoryJan 12, 2024 - 12:52 a.m.

CVE-2024-21591 Junos OS: SRX Series and EX Series: Security Vulnerability in J-web allows a preAuth Remote Code Execution

2024-01-1200:52:04

CWE-787

juniper

www.cve.org

out-of-bounds write

j-web

juniper networks

junos os

srx series

ex series

unauthenticated

dos

rce

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.8

Confidence

High

EPSS

0.003

Percentile

65.9%

JSON

An Out-of-bounds Write vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS), or Remote Code Execution (RCE) and obtain root privileges on the device.

This issue is caused by use of an insecure function allowing an attacker to overwrite arbitrary memory.

This issue affects Juniper Networks Junos OS SRX Series and EX Series:

Junos OS versions earlier than 20.4R3-S9;
Junos OS 21.2 versions earlier than 21.2R3-S7;
Junos OS 21.3 versions earlier than 21.3R3-S5;
Junos OS 21.4 versions earlier than 21.4R3-S5;
Junos OS 22.1 versions earlier than 22.1R3-S4;
Junos OS 22.2 versions earlier than 22.2R3-S3;
Junos OS 22.3 versions earlier than 22.3R3-S2;
Junos OS 22.4 versions earlier than 22.4R2-S2, 22.4R3.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "SRX Series",
      "EX Series"
    ],
    "product": "Junos OS",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "20.4R3-S9",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      },
      {
        "lessThan": "21.2R3-S7",
        "status": "affected",
        "version": "21.2",
        "versionType": "semver"
      },
      {
        "lessThan": "21.3R3-S5",
        "status": "affected",
        "version": "21.3",
        "versionType": "semver"
      },
      {
        "lessThan": "21.4R3-S5",
        "status": "affected",
        "version": "21.4",
        "versionType": "semver"
      },
      {
        "lessThan": "22.1R3-S4",
        "status": "affected",
        "version": "22.1",
        "versionType": "semver"
      },
      {
        "lessThan": "22.2R3-S3",
        "status": "affected",
        "version": "22.2",
        "versionType": "semver"
      },
      {
        "lessThan": "22.3R3-S2",
        "status": "affected",
        "version": "22.3",
        "versionType": "semver"
      },
      {
        "lessThan": "22.4R2-S2, 22.4R3",
        "status": "affected",
        "version": "22.4",
        "versionType": "semver"
      }
    ]
  }
]

References

curesec.com/blog/article/CVE-2024-21591_Juniper_Remote_Code_Exec.html

supportportal.juniper.net/JSA75729

www.first.org/cvss/calculator/4.0#CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.8

Confidence

High

EPSS

0.003

Percentile

65.9%

JSON

Related for CVELIST:CVE-2024-21591