Juniper Networks released out-of-band updates to fix high-severity flaws

4 months ago AndyC

Juniper Networks released out-of-band updates to fix high-severity flaws

Pierluigi Paganini
January 30, 2024

Juniper Networks released out-of-band updates to fix high-severity flaws in SRX Series and EX Series that can allow attackers to take ove

Juniper Networks released out-of-band updates to fix high-severity flaws

Juniper Networks released out-of-band updates to fix high-severity flaws

Pierluigi Paganini
January 30, 2024

Juniper Networks released out-of-band updates to fix high-severity flaws in SRX Series and EX Series that can allow attackers to take over unpatched systems.

Juniper Networks has released out-of-band updates to address two high-severity flaws, tracked as CVE-2024-21619 and CVE-2024-21620, in SRX Series and EX Series that could be exploited by a threat actor to take control of susceptible systems.

The flaw CVE-2024-21619 (CVSS score: 5.3) is a Missing Authentication for Critical Function vulnerability. An unauthenticated, network-based attacker can chain this issue with a Generation of Error Message Containing Sensitive Information vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series to access sensitive system information.

“When a user logs in, a temporary file which contains the configuration of the device (as visible to that user) is created in the /cache folder.” reads the advisory. “An unauthenticated attacker can then attempt to access such a file by sending a specific request to the device trying to guess the name of such a file. Successful exploitation will reveal configuration information.”

The flaw CVE-2024-21620 (CVSS score: 8.8) is an Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series. An attacker can trigger the flaw to craft a URL that when visited by another user enables the attacker to execute commands with the target’s permissions, including an administrator. A specific invocation of the emit_debug_note method in webauth_operation.php will echo back the data it receives.

The vendor also addressed two other vulnerabilities respectively tracked as CVE-2023-36846 and CVE-2023-36851:

  • CVE-2023-36846 (CVSS score: 5.3) – A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity.
  • CVE-2023-36851 (CVSS score: 5.3) – A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Series and EX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. 

The vulnerability was reported by cybersecurity firm watchtowr. As a workaround the company recommends disabling J-Web, or limiting access to only trusted hosts

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Juniper Networks)

About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts

Tags: , , , , , , , , , , , , , , , , , , ,

More Stories

FBI seized the notorious BreachForums hacking forum

FBI seized the notorious BreachForums hacking forum

16 mins ago AndyC
Smashing Security podcast #372: The fake deepfake, and Estate insecurity

Smashing Security podcast #372: The fake deepfake, and Estate insecurity

17 mins ago AndyC
A Tornado Cash developer has been sentenced to 64 months in prison

A Tornado Cash developer has been sentenced to 64 months in prison

6 hours ago AndyC
Adobe fixed multiple critical flaws in Acrobat and Reader

Adobe fixed multiple critical flaws in Acrobat and Reader

12 hours ago AndyC
Ransomware attack on Singing River Health System impacted 895,000 people

Ransomware attack on Singing River Health System impacted 895,000 people

18 hours ago AndyC
Microsoft Patch Tuesday security updates for May 2024 fixes 2 actively exploited zero-days

Microsoft Patch Tuesday security updates for May 2024 fixes 2 actively exploited zero-days

1 day ago AndyC

You may have missed

<div>Radware & Lightpath announce new DDoS protection partnership</div>

Radware & Lightpath announce new DDoS protection partnership

11 mins ago AndyC
Barracuda Networks enhances AI email protection for M365 users

Barracuda Networks enhances AI email protection for M365 users

11 mins ago AndyC
ANZ businesses face reality check on cyber recovery timelines

ANZ businesses face reality check on cyber recovery timelines

11 mins ago AndyC
<div>LogRhythm & Exabeam merger to spearhead AI in cybersecurity</div>

LogRhythm & Exabeam merger to spearhead AI in cybersecurity

11 mins ago AndyC
Illumio joins Microsoft security association for Azure boost

Illumio joins Microsoft security association for Azure boost

11 mins ago AndyC

Subscribe To InfoSec Today News

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

World Wide Crypto will use the information you provide on this form to be in touch with you and to provide updates and marketing.