Lucene search

K
nvd[email protected]NVD:CVE-2023-28963
HistoryApr 17, 2023 - 10:15 p.m.

CVE-2023-28963

2023-04-1722:15:08
CWE-287
web.nvd.nist.gov
6
juniper networks
network-based attacker
arbitrary files
temporary folders
security vulnerability

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

EPSS

0.001

Percentile

22.6%

An Improper Authentication vulnerability in cert-mgmt.php, used by the J-Web component of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to read arbitrary files from temporary folders on the device. This issue affects Juniper Networks Junos OS: All versions prior to 19.1R3-S10; 19.2 versions prior to 19.2R3-S7; 19.3 versions prior to 19.3R3-S8; 19.4 versions prior to 19.4R3-S11; 20.1 version 20.1R1 and later versions; 20.2 versions prior to 20.2R3-S7; 20.3 version 20.3R1 and later versions; 20.4 versions prior to 20.4R3-S6; 21.1 versions prior to 21.1R3-S5; 21.2 versions prior to 21.2R3-S4; 21.3 versions prior to 21.3R3-S3; 21.4 versions prior to 21.4R3-S3; 22.1 versions prior to 22.1R3-S1; 22.2 versions prior to 22.2R2-S1, 22.2R3; 22.3 versions prior to 22.3R1-S2, 22.3R2.

Affected configurations

Nvd
Node
juniperjunosRange<19.4
OR
juniperjunosMatch19.4-
OR
juniperjunosMatch19.4r1
OR
juniperjunosMatch19.4r1-s1
OR
juniperjunosMatch19.4r1-s2
OR
juniperjunosMatch19.4r1-s3
OR
juniperjunosMatch19.4r1-s4
OR
juniperjunosMatch19.4r2
OR
juniperjunosMatch19.4r2-s1
OR
juniperjunosMatch19.4r2-s2
OR
juniperjunosMatch19.4r2-s3
OR
juniperjunosMatch19.4r2-s4
OR
juniperjunosMatch19.4r2-s5
OR
juniperjunosMatch19.4r2-s6
OR
juniperjunosMatch19.4r2-s7
OR
juniperjunosMatch19.4r3
OR
juniperjunosMatch19.4r3-s1
OR
juniperjunosMatch19.4r3-s10
OR
juniperjunosMatch19.4r3-s2
OR
juniperjunosMatch19.4r3-s3
OR
juniperjunosMatch19.4r3-s4
OR
juniperjunosMatch19.4r3-s5
OR
juniperjunosMatch19.4r3-s6
OR
juniperjunosMatch19.4r3-s7
OR
juniperjunosMatch19.4r3-s8
OR
juniperjunosMatch19.4r3-s9
OR
juniperjunosMatch20.1-
OR
juniperjunosMatch20.1r1
OR
juniperjunosMatch20.1r1-s1
OR
juniperjunosMatch20.1r1-s2
OR
juniperjunosMatch20.1r1-s3
OR
juniperjunosMatch20.1r1-s4
OR
juniperjunosMatch20.1r2
OR
juniperjunosMatch20.1r2-s1
OR
juniperjunosMatch20.1r2-s2
OR
juniperjunosMatch20.1r3
OR
juniperjunosMatch20.1r3-s1
OR
juniperjunosMatch20.1r3-s2
OR
juniperjunosMatch20.1r3-s3
OR
juniperjunosMatch20.1r3-s4
OR
juniperjunosMatch20.1r3-s5
OR
juniperjunosMatch20.2-
OR
juniperjunosMatch20.2r1
OR
juniperjunosMatch20.2r1-s1
OR
juniperjunosMatch20.2r1-s2
OR
juniperjunosMatch20.2r1-s3
OR
juniperjunosMatch20.2r2
OR
juniperjunosMatch20.2r2-s1
OR
juniperjunosMatch20.2r2-s2
OR
juniperjunosMatch20.2r2-s3
OR
juniperjunosMatch20.2r3
OR
juniperjunosMatch20.2r3-s1
OR
juniperjunosMatch20.2r3-s2
OR
juniperjunosMatch20.2r3-s3
OR
juniperjunosMatch20.2r3-s4
OR
juniperjunosMatch20.2r3-s5
OR
juniperjunosMatch20.2r3-s6
OR
juniperjunosMatch20.3-
OR
juniperjunosMatch20.3r1
OR
juniperjunosMatch20.3r1-s1
OR
juniperjunosMatch20.3r1-s2
OR
juniperjunosMatch20.3r2
OR
juniperjunosMatch20.3r2-s1
OR
juniperjunosMatch20.3r3
OR
juniperjunosMatch20.3r3-s1
OR
juniperjunosMatch20.3r3-s2
OR
juniperjunosMatch20.3r3-s3
OR
juniperjunosMatch20.3r3-s4
OR
juniperjunosMatch20.3r3-s5
OR
juniperjunosMatch20.3r3-s6
OR
juniperjunosMatch20.4-
OR
juniperjunosMatch20.4r1
OR
juniperjunosMatch20.4r1-s1
OR
juniperjunosMatch20.4r2
OR
juniperjunosMatch20.4r2-s1
OR
juniperjunosMatch20.4r2-s2
OR
juniperjunosMatch20.4r3
OR
juniperjunosMatch20.4r3-s1
OR
juniperjunosMatch20.4r3-s2
OR
juniperjunosMatch20.4r3-s3
OR
juniperjunosMatch20.4r3-s4
OR
juniperjunosMatch20.4r3-s5
OR
juniperjunosMatch21.1-
OR
juniperjunosMatch21.1r1
OR
juniperjunosMatch21.1r1-s1
OR
juniperjunosMatch21.1r2
OR
juniperjunosMatch21.1r2-s1
OR
juniperjunosMatch21.1r2-s2
OR
juniperjunosMatch21.1r3
OR
juniperjunosMatch21.1r3-s1
OR
juniperjunosMatch21.1r3-s2
OR
juniperjunosMatch21.1r3-s3
OR
juniperjunosMatch21.1r3-s4
OR
juniperjunosMatch21.1r3-s5
OR
juniperjunosMatch21.2-
OR
juniperjunosMatch21.2r1
OR
juniperjunosMatch21.2r1-s1
OR
juniperjunosMatch21.2r1-s2
OR
juniperjunosMatch21.2r2
OR
juniperjunosMatch21.2r2-s1
OR
juniperjunosMatch21.2r2-s2
OR
juniperjunosMatch21.2r3
OR
juniperjunosMatch21.2r3-s1
OR
juniperjunosMatch21.2r3-s2
OR
juniperjunosMatch21.2r3-s3
OR
juniperjunosMatch21.3-
OR
juniperjunosMatch21.3r1
OR
juniperjunosMatch21.3r1-s1
OR
juniperjunosMatch21.3r1-s2
OR
juniperjunosMatch21.3r2
OR
juniperjunosMatch21.3r2-s1
OR
juniperjunosMatch21.3r2-s2
OR
juniperjunosMatch21.3r3
OR
juniperjunosMatch21.3r3-s1
OR
juniperjunosMatch21.3r3-s2
OR
juniperjunosMatch21.4-
OR
juniperjunosMatch21.4r1
OR
juniperjunosMatch21.4r1-s1
OR
juniperjunosMatch21.4r1-s2
OR
juniperjunosMatch21.4r2
OR
juniperjunosMatch21.4r2-s1
OR
juniperjunosMatch21.4r2-s2
OR
juniperjunosMatch21.4r3
OR
juniperjunosMatch21.4r3-s1
OR
juniperjunosMatch21.4r3-s2
OR
juniperjunosMatch22.1r1
OR
juniperjunosMatch22.1r1-s1
OR
juniperjunosMatch22.1r1-s2
OR
juniperjunosMatch22.1r2
OR
juniperjunosMatch22.1r2-s1
OR
juniperjunosMatch22.1r2-s2
OR
juniperjunosMatch22.1r3
OR
juniperjunosMatch22.2r1
OR
juniperjunosMatch22.2r1-s1
OR
juniperjunosMatch22.2r1-s2
OR
juniperjunosMatch22.2r2
OR
juniperjunosMatch22.3r1
OR
juniperjunosMatch22.3r1-s1
VendorProductVersionCPE
juniperjunos*cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*
juniperjunos19.4cpe:2.3:o:juniper:junos:19.4:-:*:*:*:*:*:*
juniperjunos19.4cpe:2.3:o:juniper:junos:19.4:r1:*:*:*:*:*:*
juniperjunos19.4cpe:2.3:o:juniper:junos:19.4:r1-s1:*:*:*:*:*:*
juniperjunos19.4cpe:2.3:o:juniper:junos:19.4:r1-s2:*:*:*:*:*:*
juniperjunos19.4cpe:2.3:o:juniper:junos:19.4:r1-s3:*:*:*:*:*:*
juniperjunos19.4cpe:2.3:o:juniper:junos:19.4:r1-s4:*:*:*:*:*:*
juniperjunos19.4cpe:2.3:o:juniper:junos:19.4:r2:*:*:*:*:*:*
juniperjunos19.4cpe:2.3:o:juniper:junos:19.4:r2-s1:*:*:*:*:*:*
juniperjunos19.4cpe:2.3:o:juniper:junos:19.4:r2-s2:*:*:*:*:*:*
Rows per page:
1-10 of 1381

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

EPSS

0.001

Percentile

22.6%

Related for NVD:CVE-2023-28963