CVE-2021-31381

Summary

A configuration weakness in the JBoss Application Server (AppSvr) component of Juniper Networks SRC Series allows a remote attacker to send a specially crafted query to cause the web server to delete files which may allow the attacker to disrupt the integrity and availability of the system.

Affected Software

VendorProductVersion RangeStatus
Juniper NetworksSRC Seriesunspecified < 4.12.0R5affected
Juniper NetworksSRC Series4.13.0 < 4.13.0R3affected

Weaknesses

  • CWE-16: CWE-16 Configuration
  • CWE-200: CWE-200 Information Exposure

Workarounds

There are no viable workarounds for this issue.

To reduce the risk of exploitation utilize common security BCPs to limit the exploitable surface by limiting access to network and device to trusted systems, administrators, networks and hosts.

ADP Enrichment

CVE Program Container

Additional References

References