CVE-2023-36844

Summary

A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series allows an unauthenticated, network-based attacker to control certain, important environment variables.

Using a crafted request an attacker is able to modify

certain PHP environment variables leading to partial loss of integrity, which may allow chaining to other vulnerabilities. This issue affects Juniper Networks Junos OS on EX Series:

  • All versions prior to 20.4R3-S9;
  • 21.1 versions 21.1R1 and later;
  • 21.2 versions prior to 21.2R3-S7;
  • 21.3 versions

prior to

21.3R3-S5;

  • 21.4 versions

prior to

21.4R3-S5;

  • 22.1 versions

prior to

22.1R3-S4;

  • 22.2 versions

prior to

22.2R3-S2;

  • 22.3 versions

prior to 22.3R3-S1;

  • 22.4 versions

prior to

22.4R2-S2, 22.4R3;

  • 23.2 versions prior to

23.2R1-S1, 23.2R2.

Affected Software

VendorProductVersion RangeStatus
Juniper NetworksJunos OS0 < 20.4R3-S9affected
Juniper NetworksJunos OS21.1 < 21.1*affected
Juniper NetworksJunos OS21.2 < 21.2R3-S6affected
Juniper NetworksJunos OS21.3 < 21.3R3-S5affected
Juniper NetworksJunos OS21.4 < 21.4R3-S5affected
Juniper NetworksJunos OS22.1 < 22.1R3-S4affected
Juniper NetworksJunos OS22.2 < 22.2R3-S2affected
Juniper NetworksJunos OS22.3 < 22.3R3-S1affected
Juniper NetworksJunos OS22.4 < 22.4R2-S2, 22.4R3affected
Juniper NetworksJunos OS23.2 < 23.2R1-S1, 23.2R2affected

Weaknesses

  • CWE-473: CWE-473 PHP External Variable Modification

Workarounds

Disable J-Web, or limit access to only trusted hosts.

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: active
    • Automatable: yes
    • Technical Impact: total

Additional References

References