Lucene search
+L

379 matches found

Tenable Nessus
Tenable Nessus
added 2025/02/05 12:0 a.m.11 views

Juniper Junos OS Authentication for Critical Function (CVE-2024-21619)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA76390 advisory. - A Missing Authentication for Critical Function vulnerability combined with a Generation of Error Message Containing Sensitive Information vulnerability in J-Web of Juniper...

7.5CVSS7.4AI score0.00882EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/02/05 12:0 a.m.9 views

Juniper Junos OS Authentication for Critical Function (CVE-2024-21620)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA76390 advisory. - An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series allow...

8.8CVSS6.8AI score0.00908EPSS
Exploits0References2
NVD
NVD
added 2024/07/10 11:15 p.m.15 views

CVE-2024-39565

An Improper Neutralization of Data within XPath Expressions 'XPath Injection' vulnerability in J-Web shipped with Juniper Networks Junos OS allows an unauthenticated, network-based attacker to execute remote commands on the target device. While an administrator is logged into a J-Web session or...

8.8CVSS0.00517EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/07/10 10:55 p.m.28 views

CVE-2024-39565 Junos OS: J-Web: An unauthenticated, network-based attacker can perform XPATH injection attack against a device.

An Improper Neutralization of Data within XPath Expressions 'XPath Injection' vulnerability in J-Web shipped with Juniper Networks Junos OS allows an unauthenticated, network-based attacker to execute remote commands on the target device. While an administrator is logged into a J-Web session or...

8.8CVSS0.00517EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/07/10 10:55 p.m.22 views

CVE-2024-39565 Junos OS: J-Web: An unauthenticated, network-based attacker can perform XPATH injection attack against a device.

An Improper Neutralization of Data within XPath Expressions 'XPath Injection' vulnerability in J-Web shipped with Juniper Networks Junos OS allows an unauthenticated, network-based attacker to execute remote commands on the target device. While an administrator is logged into a J-Web session or...

8.8CVSS7.3AI score0.00517EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/07/10 12:0 a.m.8 views

Juniper Networks Junos OS Security Vulnerability

Juniper Networks Junos OS is a Juniper Networks USA network operating system dedicated to the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. A security vulnerability exists in Juniper Networks Junos OS, which arises from a data...

8.8CVSS7.2AI score0.00517EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/07/10 12:0 a.m.16 views

Juniper Junos OS Vulnerability (JSA83023)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA83023 advisory. - An Improper Neutralization of Data within XPath Expressions 'XPath Injection' vulnerability in J-Web shipped with Juniper Networks Junos OS allows an unauthenticated,...

8.8CVSS6AI score0.00517EPSS
Exploits0References4
GithubExploit
GithubExploit
added 2024/02/18 3:37 p.m.218 views

Exploit for PHP External Variable Modification in Juniper Junos

CVE-2023-36845 A PHP External Variable Modification vulnerab...

9.8CVSS9.8AI score0.93546EPSS
Exploits25
GithubExploit
GithubExploit
added 2024/02/14 12:47 p.m.396 views

Exploit for PHP External Variable Modification in Juniper Junos

CVE-2023-36845 This script provides an automated Proof of C...

9.8CVSS9.8AI score0.93546EPSS
Exploits25
GithubExploit
GithubExploit
added 2024/02/13 2:59 p.m.210 views

Exploit for PHP External Variable Modification in Juniper Junos

CVE-2023-36845-6 CVE-2023-36845 and CVE-2023-36846 Juniper Jun...

9.8CVSS7.8AI score0.94205EPSS
Exploits26
BDU FSTEC
BDU FSTEC
added 2024/02/02 12:0 a.m.11 views

The vulnerability of the J-Web interface in Juniper Networks Junos OS systems arises from the lack of authentication for critical functions and deficiencies in the error reporting mechanism. This allows attackers to gain access to confidential information.

The vulnerability of the J-Web interface in Juniper Networks Junos OS operating systems is related to the lack of authentication for critical functions and deficiencies in the error reporting mechanism. Exploiting this vulnerability can allow a malicious actor to gain access to confidential...

5.4CVSS7.5AI score0.00882EPSS
Exploits0References3Affected Software1
The Hacker News
The Hacker News
added 2024/01/30 5:1 a.m.98 views

Juniper Networks Releases Urgent Junos OS Updates for High-Severity Flaws

Juniper Networks has released out-of-band updates to address high-severity flaws in SRX Series and EX Series that could be exploited by a threat actor to take control of susceptible systems. The vulnerabilities, tracked as CVE-2024-21619 and CVE-2024-21620, are rooted in the J-Web component and...

9.8CVSS8AI score0.94205EPSS
Exploits5
BDU FSTEC
BDU FSTEC
added 2024/01/30 12:0 a.m.6 views

The vulnerability of the emmitdebugnote method in the webauthoperation.php file of the J-Web interface on Juniper Networks Junos OS devices in the SRX and EX series allows a perpetrator to execute arbitrary code.

The vulnerability of the emmitdebugnote method in the webauthoperation.php file of the J-Web interface on Juniper Networks Junos OS devices in the SRX and EX series is related to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to...

10CVSS7.1AI score0.00908EPSS
Exploits0References3Affected Software1
CISA
CISA
added 2024/01/29 12:0 p.m.4 views

Juniper Networks Releases Security Bulletin for J-Web in Junos OS SRX Series and EX Series

Juniper Networks released a security bulletin to address multiple vulnerabilities for J-Web in Junos OS SRX Series and EX Series. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Juniper...

7.6AI score
Exploits0References1
OSV
OSV
added 2024/01/25 11:15 p.m.4 views

CVE-2024-21620

An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series allows an attacker to construct a URL that when visited by another user enables the attacker to execute commands with the target's...

6.1CVSS5.9AI score0.00908EPSS
Exploits0References1
Prion
Prion
added 2024/01/25 11:15 p.m.34 views

Authentication flaw

A Missing Authentication for Critical Function vulnerability combined with a Generation of Error Message Containing Sensitive Information vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series allows an unauthenticated, network-based attacker to access sensitive system...

5CVSS7.2AI score0.00882EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2024/01/25 11:15 p.m.29 views

Cross site scripting

An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series allows an attacker to construct a URL that when visited by another user enables the attacker to execute commands with the target's...

5.8CVSS7.5AI score0.00908EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/25 10:50 p.m.7 views

CVE-2024-21620 Junos OS: SRX Series and EX Series: J-Web doesn't sufficiently sanitize input to prevent XSS

An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series allows an attacker to construct a URL that when visited by another user enables the attacker to execute commands with the target's...

8.8CVSS8.8AI score0.00908EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/01/25 10:50 p.m.41 views

CVE-2024-21620 Junos OS: SRX Series and EX Series: J-Web doesn't sufficiently sanitize input to prevent XSS

An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series allows an attacker to construct a URL that when visited by another user enables the attacker to execute commands with the target's...

8.8CVSS9AI score0.00908EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/01/25 10:48 p.m.38 views

CVE-2024-21619 Junos OS: SRX Series and EX Series: J-Web - unauthenticated access to temporary files containing sensitive information

A Missing Authentication for Critical Function vulnerability combined with a Generation of Error Message Containing Sensitive Information vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series allows an unauthenticated, network-based attacker to access sensitive system...

5.3CVSS7.8AI score0.00882EPSS
Exploits0References1
Rows per page
Query Builder