379 matches found
Juniper Junos OS Authentication for Critical Function (CVE-2024-21619)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA76390 advisory. - A Missing Authentication for Critical Function vulnerability combined with a Generation of Error Message Containing Sensitive Information vulnerability in J-Web of Juniper...
Juniper Junos OS Authentication for Critical Function (CVE-2024-21620)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA76390 advisory. - An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series allow...
CVE-2024-39565
An Improper Neutralization of Data within XPath Expressions 'XPath Injection' vulnerability in J-Web shipped with Juniper Networks Junos OS allows an unauthenticated, network-based attacker to execute remote commands on the target device. While an administrator is logged into a J-Web session or...
CVE-2024-39565 Junos OS: J-Web: An unauthenticated, network-based attacker can perform XPATH injection attack against a device.
An Improper Neutralization of Data within XPath Expressions 'XPath Injection' vulnerability in J-Web shipped with Juniper Networks Junos OS allows an unauthenticated, network-based attacker to execute remote commands on the target device. While an administrator is logged into a J-Web session or...
CVE-2024-39565 Junos OS: J-Web: An unauthenticated, network-based attacker can perform XPATH injection attack against a device.
An Improper Neutralization of Data within XPath Expressions 'XPath Injection' vulnerability in J-Web shipped with Juniper Networks Junos OS allows an unauthenticated, network-based attacker to execute remote commands on the target device. While an administrator is logged into a J-Web session or...
Juniper Networks Junos OS Security Vulnerability
Juniper Networks Junos OS is a Juniper Networks USA network operating system dedicated to the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. A security vulnerability exists in Juniper Networks Junos OS, which arises from a data...
Juniper Junos OS Vulnerability (JSA83023)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA83023 advisory. - An Improper Neutralization of Data within XPath Expressions 'XPath Injection' vulnerability in J-Web shipped with Juniper Networks Junos OS allows an unauthenticated,...
Exploit for PHP External Variable Modification in Juniper Junos
CVE-2023-36845 A PHP External Variable Modification vulnerab...
Exploit for PHP External Variable Modification in Juniper Junos
CVE-2023-36845 This script provides an automated Proof of C...
Exploit for PHP External Variable Modification in Juniper Junos
CVE-2023-36845-6 CVE-2023-36845 and CVE-2023-36846 Juniper Jun...
The vulnerability of the J-Web interface in Juniper Networks Junos OS systems arises from the lack of authentication for critical functions and deficiencies in the error reporting mechanism. This allows attackers to gain access to confidential information.
The vulnerability of the J-Web interface in Juniper Networks Junos OS operating systems is related to the lack of authentication for critical functions and deficiencies in the error reporting mechanism. Exploiting this vulnerability can allow a malicious actor to gain access to confidential...
Juniper Networks Releases Urgent Junos OS Updates for High-Severity Flaws
Juniper Networks has released out-of-band updates to address high-severity flaws in SRX Series and EX Series that could be exploited by a threat actor to take control of susceptible systems. The vulnerabilities, tracked as CVE-2024-21619 and CVE-2024-21620, are rooted in the J-Web component and...
The vulnerability of the emmitdebugnote method in the webauthoperation.php file of the J-Web interface on Juniper Networks Junos OS devices in the SRX and EX series allows a perpetrator to execute arbitrary code.
The vulnerability of the emmitdebugnote method in the webauthoperation.php file of the J-Web interface on Juniper Networks Junos OS devices in the SRX and EX series is related to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to...
Juniper Networks Releases Security Bulletin for J-Web in Junos OS SRX Series and EX Series
Juniper Networks released a security bulletin to address multiple vulnerabilities for J-Web in Junos OS SRX Series and EX Series. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Juniper...
CVE-2024-21620
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series allows an attacker to construct a URL that when visited by another user enables the attacker to execute commands with the target's...
Authentication flaw
A Missing Authentication for Critical Function vulnerability combined with a Generation of Error Message Containing Sensitive Information vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series allows an unauthenticated, network-based attacker to access sensitive system...
Cross site scripting
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series allows an attacker to construct a URL that when visited by another user enables the attacker to execute commands with the target's...
CVE-2024-21620 Junos OS: SRX Series and EX Series: J-Web doesn't sufficiently sanitize input to prevent XSS
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series allows an attacker to construct a URL that when visited by another user enables the attacker to execute commands with the target's...
CVE-2024-21620 Junos OS: SRX Series and EX Series: J-Web doesn't sufficiently sanitize input to prevent XSS
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series allows an attacker to construct a URL that when visited by another user enables the attacker to execute commands with the target's...
CVE-2024-21619 Junos OS: SRX Series and EX Series: J-Web - unauthenticated access to temporary files containing sensitive information
A Missing Authentication for Critical Function vulnerability combined with a Generation of Error Message Containing Sensitive Information vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series allows an unauthenticated, network-based attacker to access sensitive system...