Lucene search

JuniperCVELIST:CVE-2024-2973

HistoryJun 27, 2024 - 8:17 p.m.

CVE-2024-2973 Session Smart Router(SSR): On redundant router deployments API authentication can be bypassed

2024-06-2720:17:50

CWE-288

juniper

www.cve.org

juniper networks

authentication bypass

redundant configurations

10 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

10 High

CVSS4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/SC:H/VI:H/SI:H/VA:H/SA:H/AU:Y/U:Red/V:C/RE:M

0.001 Low

EPSS

Percentile

39.3%

JSON

An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router or conductor running with a redundant peer allows a network based attacker to bypass authentication and take full control of the device.
Only routers or conductors that are running in high-availability redundant configurations are affected by this vulnerability.

No other Juniper Networks products or platforms are affected by this issue.

This issue affects:

Session Smart Router:

All versions before 5.6.15,
from 6.0 before 6.1.9-lts,
from 6.2 before 6.2.5-sts.

Session Smart Conductor:

All versions before 5.6.15,
from 6.0 before 6.1.9-lts,
from 6.2 before 6.2.5-sts.

WAN Assurance Router:

6.0 versions before 6.1.9-lts,
6.2 versions before 6.2.5-sts.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Session Smart Router",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "5.6.15",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      },
      {
        "lessThan": "6.1.9-lts",
        "status": "affected",
        "version": "6.0",
        "versionType": "semver"
      },
      {
        "lessThan": "6.2.5-sts",
        "status": "affected",
        "version": "6.2",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Session Smart Conductor",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "5.6.15",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      },
      {
        "lessThan": "6.1.9-lts",
        "status": "affected",
        "version": "6.0",
        "versionType": "semver"
      },
      {
        "lessThan": "6.2.5-sts",
        "status": "affected",
        "version": "6.2",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "WAN Assurance Router",
    "vendor": "Juniper Networks",
    "versions": [
      {
        "lessThan": "6.1.9-lts",
        "status": "affected",
        "version": "6.0",
        "versionType": "semver"
      },
      {
        "lessThan": "6.2.5-sts",
        "status": "affected",
        "version": "6.2",
        "versionType": "semver"
      }
    ]
  }
]

References

support.juniper.net/support/eol/software/ssr/

supportportal.juniper.net/JSA83126

10 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

10 High

CVSS4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/SC:H/VI:H/SI:H/VA:H/SA:H/AU:Y/U:Red/V:C/RE:M

0.001 Low

EPSS

Percentile

39.3%

JSON

Related for CVELIST:CVE-2024-2973