CVE-2023-36851
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Summary
A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity.
With a specific request to
webauth_operation.php
that doesn't require authentication, an attacker is able to upload and download arbitrary files via J-Web, leading to a loss of
integrity or confidentiality, which may allow chaining to other vulnerabilities.
This issue affects Juniper Networks Junos OS on SRX Series:
21.2 versions prior to 21.2R3-S8;
- 21.4
versions prior to
21.4R3-S6;
- 22.1
versions prior to
22.1R3-S5;
- 22.2
versions prior to
22.2R3-S3;
- 22.3
versions prior to
22.3R3-S2;
- 22.4 versions prior to 22,4R2-S2, 22.4R3;
- 23.2 versions prior to
23.2R1-S2, 23.2R2.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Juniper Networks | Junos OS | 21.2 < 21.2R3-S8 | affected |
| Juniper Networks | Junos OS | 21.4 < 21.4R3-S6 | affected |
| Juniper Networks | Junos OS | 22.1 < 22.1R3-S5 | affected |
| Juniper Networks | Junos OS | 22.2 < 22.2R3-S3 | affected |
| Juniper Networks | Junos OS | 22.3 < 22.3R3-S2 | affected |
| Juniper Networks | Junos OS | 22.4 < 22.4R2-S2, 22.4R3 | affected |
| Juniper Networks | Junos OS | 23.2 < 23.2R1-S2, 23.2R2 | affected |
Weaknesses
- CWE-306: CWE-306 Missing Authentication for Critical Function
Workarounds
Disable J-Web, or limit access to only trusted hosts.
ADP Enrichment
CVE Program Container
Additional References
CISA ADP Vulnrichment
- SSVC:
- Exploitation: active
- Automatable: yes
- Technical Impact: total
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.