Networking hardware firm Juniper Networks has released an "out-of-cycle" security update to address multiple flaws in the J-Web component of Junos OS that could be chained together to achieve remote code execution on vulnerable installations.
The four vulnerabilities have a cumulative CVSS rating of 9.8, making them Critical in severity. They affect all versions of Junos OS on SRX and EX Series.
"By chaining exploitation of these vulnerabilities, an unauthenticated, network-based attacker may be able to remotely execute code on the devices," the company said in an advisory released on August 17, 2023.

The J-Web interface allows users to configure, manage, and monitor Junos OS devices. A brief description of the flaws is as follows –
- CVE-2023-36844 and CVE-2023-36845 (CVSS scores: 5.3) – Two PHP external variable modification vulnerabilities in J-Web of Juniper Networks Junos OS on EX Series and SRX Series allow an unauthenticated, network-based attacker to control certain, important environment variables.
- CVE-2023-36846 and CVE-2023-36847 (CVSS scores: 5.3) – Two missing authentication for critical function vulnerabilities in Juniper Networks Junos OS on EX Series and SRX Series allow an unauthenticated, network-based attacker to cause limited impact to the file system integrity.
A threat actor could send a specially crafted request to modify certain PHP environment variables or upload arbitrary files via J-Web without any authentication. Individually each flaw is rated Medium; it is the combination of environment variable control with unauthenticated file upload that the advisory warns can be chained into remote code execution.

The vulnerabilities have been addressed in the versions below –
- EX Series – Junos OS versions 20.4R3-S8, 21.2R3-S6, 21.3R3-S5, 21.4R3-S4, 22.1R3-S3, 22.2R3-S1, 22.3R2-S2, 22.3R3, 22.4R2-S1, 22.4R3, and 23.2R1
- SRX Series – Junos OS versions 20.4R3-S8, 21.2R3-S6, 21.3R3-S5, 21.4R3-S5, 22.1R3-S3, 22.2R3-S2, 22.3R2-S2, 22.3R3, 22.4R2-S1, 22.4R3, and 23.2R1
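Checking a fleet against those lists by eye is error-prone, because Junos release strings carry a train (`21.4`), an R-number (`R3`) and an optional service release (`-S4`), and the fixed release differs per platform in two of the trains. The following script is an added example, written for this page rather than taken from Juniper or the article: it parses a Junos version string, takes the fixed lists above, and reports whether a given device is at or past a fixed release. The `show version` sample is constructed, not captured from a real device. One assumption is flagged in the code: a release train the advisory lists no fix for (such as 21.1) is treated as affected, which should be confirmed against the vendor advisory.

```python
import re
from dataclasses import dataclass

# Fixed releases copied from the advisory summary above. The two platforms
# differ only in the 21.4 and 22.2 trains.
FIXED_RELEASES = {
    "EX": ["20.4R3-S8", "21.2R3-S6", "21.3R3-S5", "21.4R3-S4", "22.1R3-S3",
           "22.2R3-S1", "22.3R2-S2", "22.3R3", "22.4R2-S1", "22.4R3", "23.2R1"],
    "SRX": ["20.4R3-S8", "21.2R3-S6", "21.3R3-S5", "21.4R3-S5", "22.1R3-S3",
            "22.2R3-S2", "22.3R2-S2", "22.3R3", "22.4R2-S1", "22.4R3", "23.2R1"],
}

# Junos release strings look like 21.4R3-S2 or 22.3R3; a trailing build
# number such as 21.4R3-S2.3 is ignored for the comparison.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)R(\d+)(?:-S(\d+))?")


@dataclass(frozen=True)
class JunosVersion:
    major: int
    minor: int
    release: int   # the Rn number
    service: int   # the -Sn number, 0 when absent

    @property
    def train(self) -> tuple:
        return (self.major, self.minor)


def parse_version(text: str) -> JunosVersion:
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised Junos version: {text!r}")
    major, minor, release, service = m.groups()
    return JunosVersion(int(major), int(minor), int(release), int(service or 0))


def is_fixed(version: str, platform: str) -> bool:
    """True if `version` is at or past a fixed release for the platform (EX or SRX)."""
    v = parse_version(version)
    fixed = [parse_version(f) for f in FIXED_RELEASES[platform]]
    trains = sorted({f.train for f in fixed})
    if v.train < trains[0]:
        return False          # older than the oldest train that received a fix
    if v.train > trains[-1]:
        return True           # newer than 23.2R1, i.e. released after the fix
    same_train = [f for f in fixed if f.train == v.train]
    if not same_train:
        # Assumption: a train the advisory lists no fix for (e.g. 21.1) is
        # treated as affected; confirm against the vendor advisory.
        return False
    # Within a train, R-numbers above the fixed one are fixed; the same
    # R-number needs at least the fixed service release.
    return any(v.release > f.release
               or (v.release == f.release and v.service >= f.service)
               for f in same_train)


def check_show_version(output: str, platform: str) -> dict:
    """Extract the 'Junos:' line from `show version` output and classify it."""
    m = re.search(r"^Junos:\s*(\S+)", output, re.MULTILINE)
    if not m:
        raise ValueError("no 'Junos:' line found in show version output")
    version = m.group(1)
    return {"version": version, "fixed": is_fixed(version, platform)}


# Constructed sample of `show version` output (not from a real device).
SAMPLE_SHOW_VERSION = """\
Hostname: ex4300-lab
Model: ex4300-48t
Junos: 21.4R3-S3.3
JUNOS OS Kernel 64-bit
"""

if __name__ == "__main__":
    print(check_show_version(SAMPLE_SHOW_VERSION, "EX"))
    for candidate in ["21.4R3-S4", "22.3R2-S1", "22.3R3", "19.4R3-S9", "23.4R1"]:
        print(candidate, "EX fixed:", is_fixed(candidate, "EX"),
              "SRX fixed:", is_fixed(candidate, "SRX"))
```

Note the two trains with two fixed entries (22.3 and 22.4): a device on 22.3R2-S1 is still affected even though 22.3R3 is fixed, because the comparison has to happen within the same R-number. Feed the script the `Junos:` line from each device's `show version` output and treat any `fixed: False` as a host that needs the update or the workaround below.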
Users are advised to apply the necessary fixes to mitigate potential remote code execution threats. As a workaround, Juniper Networks is suggesting that users either disable J-Web or limit access to only trusted hosts.
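The two workarounds translate into the following Junos configuration. This is an added example and not taken from the Juniper advisory or the article: the first block removes the J-Web service; the second keeps it but applies a routing-engine filter on `lo0` that accepts HTTP/HTTPS only from a trusted prefix and discards (and logs) the rest. The prefix `192.0.2.0/24`, the filter name `PROTECT-RE`, the term names and the hostname prompt are placeholders, and the ports assume J-Web on its defaults (80/443); if `web-management http port` or `https port` has been changed, adjust the `destination-port` lines accordingly.

```text
# 1. Disable J-Web entirely (the first of Juniper's suggested workarounds)
[edit]
user@junos# delete system services web-management
user@junos# commit

# 2. Or keep J-Web but admit only trusted hosts via a filter on lo0
#    (prefix, filter and term names are placeholders)
[edit]
user@junos# set firewall family inet filter PROTECT-RE term jweb-trusted from source-address 192.0.2.0/24
user@junos# set firewall family inet filter PROTECT-RE term jweb-trusted from protocol tcp
user@junos# set firewall family inet filter PROTECT-RE term jweb-trusted from destination-port [ http https ]
user@junos# set firewall family inet filter PROTECT-RE term jweb-trusted then accept
user@junos# set firewall family inet filter PROTECT-RE term jweb-deny from protocol tcp
user@junos# set firewall family inet filter PROTECT-RE term jweb-deny from destination-port [ http https ]
user@junos# set firewall family inet filter PROTECT-RE term jweb-deny then syslog
user@junos# set firewall family inet filter PROTECT-RE term jweb-deny then discard
user@junos# set firewall family inet filter PROTECT-RE term everything-else then accept
user@junos# set interfaces lo0 unit 0 family inet filter input PROTECT-RE
user@junos# commit confirmed 5

# 3. Verify the service state and the running release
user@junos> show configuration system services web-management
user@junos> show version | match ^Junos:
```

Two cautions for the filter variant. The final `everything-else then accept` term is not optional: a `lo0` input filter ends in an implicit discard, so without it the commit would cut off SSH, routing protocols and everything else reaching the routing engine, which is also why `commit confirmed` is used so the change rolls back automatically unless confirmed. And the filter only narrows who can reach J-Web; it does not change the vulnerable code, so the `syslog` hits on the `jweb-deny` term are worth forwarding to the SIEM as an indicator of scanning while the update is scheduled.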

