CVE-2023-36846

5.3

MEDIUM

Juniper Junos OS SRX Series Missing Authentication - [Actively Exploited]

Description

A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to user.php that doesn't require authentication an attacker is able to upload arbitrary files via J-Web, leading to a loss of integrity for a certain part of the file system, which may allow chaining to other vulnerabilities. This issue affects Juniper Networks Junos OS on SRX Series: * All versions prior to 20.4R3-S8; * 21.1 versions 21.1R1 and later; * 21.2 versions prior to 21.2R3-S6; * 21.3 versions prior to 21.3R3-S5; * 21.4 versions prior to 21.4R3-S5; * 22.1 versions prior to 22.1R3-S3; * 22.2 versions prior to 22.2R3-S2; * 22.3 versions prior to 22.3R2-S2, 22.3R3; * 22.4 versions prior to 22.4R2-S1, 22.4R3.

INFO

Published Date :

Aug. 17, 2023, 8:15 p.m.

Last Modified :

June 27, 2024, 6:29 p.m.

Source :

[email protected]

Remotely Exploitable :

Yes !

Impact Score :

1.4

Exploitability Score :

3.9

CISA Notification

CISA KEV (Known Exploited Vulnerabilities)

For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild.

Due Date: Nov 17, 2023

Alert Date: Nov 13, 2023 | 367 days ago

Description :

Juniper Junos OS on SRX Series contains a missing authentication for critical function vulnerability that allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to user.php that doesn't require authentication, an attacker is able to upload arbitrary files via J-Web, leading to a loss of integrity for a certain part of the file system, which may allow chaining to other vulnerabilities.

Required Action :

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Notes :

https://supportportal.juniper.net/s/article/2023-08-Out-of-Cycle-Security-Bulletin-Junos-OS-SRX-Series-and-EX-Series-Multiple-vulnerabilities-in-J-Web-can-be-combined-to-allow-a-preAuth-Remote-Code-Execution?language=en_US

Public PoC/Exploit Available at Github

CVE-2023-36846 has a 7 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

Affected Products

The following products are affected by CVE-2023-36846 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID	Vendor	Product
1	Juniper	junos
2	Juniper	srx100
3	Juniper	srx110
4	Juniper	srx210
5	Juniper	srx220
6	Juniper	srx240
7	Juniper	srx550
8	Juniper	srx650
9	Juniper	srx1400
10	Juniper	srx3400
11	Juniper	srx3600
12	Juniper	srx5600
13	Juniper	srx5800
14	Juniper	srx1500
15	Juniper	srx240h2
16	Juniper	srx240m
17	Juniper	srx300
18	Juniper	srx320
19	Juniper	srx340
20	Juniper	srx345
21	Juniper	srx380
22	Juniper	srx4000
23	Juniper	srx4100
24	Juniper	srx4200
25	Juniper	srx4600
26	Juniper	srx5000
27	Juniper	srx5400
28	Juniper	srx550_hm
29	Juniper	srx550m

: Total Affected Vendor : 1 | Products : 29

References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2023-36846.

URL	Resource
https://supportportal.juniper.net/JSA72300	Mitigation Vendor Advisory

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

iveresk/CVE-2023-36845-6-

CVE-2023-36845 и CVE-2023-36846 Juniper Junos OS J-Web RCE

Shell

Updated: 9 months ago

0 stars 0 fork 0 watcher

Born at : Feb. 13, 2024, 2:59 p.m. This repo has been linked 2 different CVEs too.

r3dcl1ff/CVE-2023-36844_Juniper_RCE

A Proof of Concept for chaining the CVEs [CVE-2023-36844, CVE-2023-36845, CVE-2023-36846, CVE-2023-36847] to achieve Remote Code Execution (phpinfo) in Juniper JunOS within SRX and EX Series products.Modified from original exploit developed by @watchTowr .

Python

Updated: 9 months ago

2 stars 2 fork 2 watcher

Born at : Sept. 24, 2023, 1:30 p.m. This repo has been linked 4 different CVEs too.

Dreamy-elfland/CVE-2023-36846

批量检测CVE-2023-36846漏洞

Python

Updated: 1 year, 1 month ago

1 stars 0 fork 0 watcher

Born at : Sept. 21, 2023, 2:15 p.m. This repo has been linked 1 different CVEs too.

securi3ytalent/bugbounty-CVE-Report

Bug bounty Report/ CVS and buig bounty tips

bugbounty bugbounty-reports bugbounty-tool bugbounty-writeups bugbountytips bugbountytricks cve cve-scanning cve-search cvelist

Updated: 10 months, 4 weeks ago

3 stars 1 fork 1 watcher

Born at : Aug. 31, 2023, 4:32 p.m. This repo has been linked 10 different CVEs too.

Chocapikk/CVE-2023-36846

Remote Code Execution on Junos OS CVE-2023-36846

Python

Updated: 3 months ago

2 stars 0 fork 0 watcher

Born at : Aug. 29, 2023, 6:50 p.m. This repo has been linked 1 different CVEs too.

watchtowrlabs/juniper-rce_cve-2023-36844

None

Python

Updated: 3 months ago

109 stars 28 fork 28 watcher

Born at : Aug. 25, 2023, 7:28 a.m. This repo has been linked 4 different CVEs too.

Ostorlab/KEV

Ostorlab KEV: One-command to detect most remotely known exploitable vulnerabilities. Sourced from CISA KEV, Google's Tsunami, Ostorlab's Asteroid and Bug Bounty programs.

cisa-kev vulnerability 0day cisa exploits

Updated: 2 months, 1 week ago

516 stars 32 fork 32 watcher

Born at : April 19, 2022, 8:58 a.m. This repo has been linked 1181 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2023-36846 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2023-36846 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

Modified Analysis by [email protected]

Jun. 27, 2024

Action	Type	Old Value	New Value
Removed	CPE Configuration	AND OR cpe:2.3:h:juniper:ex2200:-:::::::* cpe:2.3:h:juniper:ex2200-c:-:::::::* cpe:2.3:h:juniper:ex2200-vc:-:::::::* cpe:2.3:h:juniper:ex2300:-:::::::* cpe:2.3:h:juniper:ex2300-24mp:-:::::::* cpe:2.3:h:juniper:ex2300-24p:-:::::::* cpe:2.3:h:juniper:ex2300-24t:-:::::::* cpe:2.3:h:juniper:ex2300-48mp:-:::::::* cpe:2.3:h:juniper:ex2300-48p:-:::::::* cpe:2.3:h:juniper:ex2300-48t:-:::::::* cpe:2.3:h:juniper:ex2300-c:-:::::::* cpe:2.3:h:juniper:ex2300m:-:::::::* cpe:2.3:h:juniper:ex3200:-:::::::* cpe:2.3:h:juniper:ex3300:-:::::::* cpe:2.3:h:juniper:ex3300-vc:-:::::::* cpe:2.3:h:juniper:ex3400:-:::::::* cpe:2.3:h:juniper:ex4200:-:::::::* cpe:2.3:h:juniper:ex4200-vc:-:::::::* cpe:2.3:h:juniper:ex4300:-:::::::* cpe:2.3:h:juniper:ex4300-24p:-:::::::* cpe:2.3:h:juniper:ex4300-24p-s:-:::::::* cpe:2.3:h:juniper:ex4300-24t:-:::::::* cpe:2.3:h:juniper:ex4300-24t-s:-:::::::* cpe:2.3:h:juniper:ex4300-32f:-:::::::* cpe:2.3:h:juniper:ex4300-32f-dc:-:::::::* cpe:2.3:h:juniper:ex4300-32f-s:-:::::::* cpe:2.3:h:juniper:ex4300-48mp:-:::::::* cpe:2.3:h:juniper:ex4300-48mp-s:-:::::::* cpe:2.3:h:juniper:ex4300-48p:-:::::::* cpe:2.3:h:juniper:ex4300-48p-s:-:::::::* cpe:2.3:h:juniper:ex4300-48t:-:::::::* cpe:2.3:h:juniper:ex4300-48t-afi:-:::::::* cpe:2.3:h:juniper:ex4300-48t-dc:-:::::::* cpe:2.3:h:juniper:ex4300-48t-dc-afi:-:::::::* cpe:2.3:h:juniper:ex4300-48t-s:-:::::::* cpe:2.3:h:juniper:ex4300-48tafi:-:::::::* cpe:2.3:h:juniper:ex4300-48tdc:-:::::::* cpe:2.3:h:juniper:ex4300-48tdc-afi:-:::::::* cpe:2.3:h:juniper:ex4300-mp:-:::::::* cpe:2.3:h:juniper:ex4300-vc:-:::::::* cpe:2.3:h:juniper:ex4300m:-:::::::* cpe:2.3:h:juniper:ex4400:-:::::::* cpe:2.3:h:juniper:ex4500:-:::::::* cpe:2.3:h:juniper:ex4500-vc:-:::::::* cpe:2.3:h:juniper:ex4550:-:::::::* cpe:2.3:h:juniper:ex4550-vc:-:::::::* cpe:2.3:h:juniper:ex4550\/vc:-:::::::* cpe:2.3:h:juniper:ex4600:-:::::::* cpe:2.3:h:juniper:ex4600-vc:-:::::::* cpe:2.3:h:juniper:ex4650:-:::::::* cpe:2.3:h:juniper:ex6200:-:::::::* cpe:2.3:h:juniper:ex6210:-:::::::* cpe:2.3:h:juniper:ex8200:-:::::::* cpe:2.3:h:juniper:ex8200-vc:-:::::::* cpe:2.3:h:juniper:ex8208:-:::::::* cpe:2.3:h:juniper:ex8216:-:::::::* cpe:2.3:h:juniper:ex9200:-:::::::* cpe:2.3:h:juniper:ex9204:-:::::::* cpe:2.3:h:juniper:ex9208:-:::::::* cpe:2.3:h:juniper:ex9214:-:::::::* cpe:2.3:h:juniper:ex9250:-:::::::* cpe:2.3:h:juniper:ex9251:-:::::::* cpe:2.3:h:juniper:ex9253:-:::::::* OR cpe:2.3:o:juniper:junos::::::::* versions up to (excluding) 20.4 cpe:2.3:o:juniper:junos:20.4:-::::::* cpe:2.3:o:juniper:junos:20.4:r1::::::* cpe:2.3:o:juniper:junos:20.4:r1-s1::::::* cpe:2.3:o:juniper:junos:20.4:r2::::::* cpe:2.3:o:juniper:junos:20.4:r2-s1::::::* cpe:2.3:o:juniper:junos:20.4:r2-s2::::::* cpe:2.3:o:juniper:junos:20.4:r3::::::* cpe:2.3:o:juniper:junos:20.4:r3-s1::::::* cpe:2.3:o:juniper:junos:20.4:r3-s2::::::* cpe:2.3:o:juniper:junos:20.4:r3-s3::::::* cpe:2.3:o:juniper:junos:20.4:r3-s4::::::* cpe:2.3:o:juniper:junos:20.4:r3-s5::::::* cpe:2.3:o:juniper:junos:20.4:r3-s6::::::* cpe:2.3:o:juniper:junos:20.4:r3-s7::::::* cpe:2.3:o:juniper:junos:21.1:r1::::::* cpe:2.3:o:juniper:junos:21.1:r1-s1::::::* cpe:2.3:o:juniper:junos:21.1:r2::::::* cpe:2.3:o:juniper:junos:21.1:r2-s1::::::* cpe:2.3:o:juniper:junos:21.1:r2-s2::::::* cpe:2.3:o:juniper:junos:21.1:r3::::::* cpe:2.3:o:juniper:junos:21.1:r3-s1::::::* cpe:2.3:o:juniper:junos:21.1:r3-s2::::::* cpe:2.3:o:juniper:junos:21.1:r3-s3::::::* cpe:2.3:o:juniper:junos:21.1:r3-s4::::::* cpe:2.3:o:juniper:junos:21.1:r3-s5::::::* cpe:2.3:o:juniper:junos:21.2:-::::::* cpe:2.3:o:juniper:junos:21.2:r1::::::* cpe:2.3:o:juniper:junos:21.2:r1-s1::::::* cpe:2.3:o:juniper:junos:21.2:r1-s2::::::* cpe:2.3:o:juniper:junos:21.2:r2::::::* cpe:2.3:o:juniper:junos:21.2:r2-s1::::::* cpe:2.3:o:juniper:junos:21.2:r2-s2::::::* cpe:2.3:o:juniper:junos:21.2:r3::::::* cpe:2.3:o:juniper:junos:21.2:r3-s1::::::* cpe:2.3:o:juniper:junos:21.2:r3-s2::::::* cpe:2.3:o:juniper:junos:21.2:r3-s3::::::* cpe:2.3:o:juniper:junos:21.2:r3-s4::::::* cpe:2.3:o:juniper:junos:21.2:r3-s5::::::* cpe:2.3:o:juniper:junos:21.3:-::::::* cpe:2.3:o:juniper:junos:21.3:r1::::::* cpe:2.3:o:juniper:junos:21.3:r1-s1::::::* cpe:2.3:o:juniper:junos:21.3:r1-s2::::::* cpe:2.3:o:juniper:junos:21.3:r2::::::* cpe:2.3:o:juniper:junos:21.3:r2-s1::::::* cpe:2.3:o:juniper:junos:21.3:r2-s2::::::* cpe:2.3:o:juniper:junos:21.3:r3::::::* cpe:2.3:o:juniper:junos:21.3:r3-s1::::::* cpe:2.3:o:juniper:junos:21.3:r3-s2::::::* cpe:2.3:o:juniper:junos:21.3:r3-s3::::::* cpe:2.3:o:juniper:junos:21.3:r3-s4::::::* cpe:2.3:o:juniper:junos:21.4:-::::::* cpe:2.3:o:juniper:junos:21.4:r1::::::* cpe:2.3:o:juniper:junos:21.4:r1-s1::::::* cpe:2.3:o:juniper:junos:21.4:r1-s2::::::* cpe:2.3:o:juniper:junos:21.4:r2::::::* cpe:2.3:o:juniper:junos:21.4:r2-s1::::::* cpe:2.3:o:juniper:junos:21.4:r2-s2::::::* cpe:2.3:o:juniper:junos:21.4:r3::::::* cpe:2.3:o:juniper:junos:21.4:r3-s1::::::* cpe:2.3:o:juniper:junos:21.4:r3-s2::::::* cpe:2.3:o:juniper:junos:21.4:r3-s3::::::* cpe:2.3:o:juniper:junos:21.4:r3-s4::::::* cpe:2.3:o:juniper:junos:22.1:r1::::::* cpe:2.3:o:juniper:junos:22.1:r1-s1::::::* cpe:2.3:o:juniper:junos:22.1:r1-s2::::::* cpe:2.3:o:juniper:junos:22.1:r2::::::* cpe:2.3:o:juniper:junos:22.1:r2-s1::::::* cpe:2.3:o:juniper:junos:22.1:r2-s2::::::* cpe:2.3:o:juniper:junos:22.1:r3::::::* cpe:2.3:o:juniper:junos:22.1:r3-s1::::::* cpe:2.3:o:juniper:junos:22.1:r3-s2::::::* cpe:2.3:o:juniper:junos:22.2:r1::::::* cpe:2.3:o:juniper:junos:22.2:r1-s1::::::* cpe:2.3:o:juniper:junos:22.2:r1-s2::::::* cpe:2.3:o:juniper:junos:22.2:r2::::::* cpe:2.3:o:juniper:junos:22.2:r2-s1::::::* cpe:2.3:o:juniper:junos:22.2:r2-s2::::::* cpe:2.3:o:juniper:junos:22.2:r3::::::* cpe:2.3:o:juniper:junos:22.2:r3-s1::::::* cpe:2.3:o:juniper:junos:22.3:r1::::::* cpe:2.3:o:juniper:junos:22.3:r1-s1::::::* cpe:2.3:o:juniper:junos:22.3:r1-s2::::::* cpe:2.3:o:juniper:junos:22.3:r2::::::* cpe:2.3:o:juniper:junos:22.3:r2-s1::::::* cpe:2.3:o:juniper:junos:22.4:r1::::::* cpe:2.3:o:juniper:junos:22.4:r1-s1::::::* cpe:2.3:o:juniper:junos:22.4:r1-s2::::::* cpe:2.3:o:juniper:junos:22.4:r2::::::*

CVE Modified by [email protected]

May. 14, 2024

Action	Type	Old Value	New Value

CVE Modified by [email protected]

Sep. 27, 2023

Action	Type	Old Value	New Value
Changed	Description	A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request that doesn't require authentication an attacker is able to upload arbitrary files via J-Web, leading to a loss of integrity for a certain part of the file system, which may allow chaining to other vulnerabilities. This issue affects Juniper Networks Junos OS on SRX Series: * All versions prior to 20.4R3-S8; * 21.2 versions prior to 21.2R3-S6; * 21.3 versions prior to 21.3R3-S5; * 21.4 versions prior to 21.4R3-S5; * 22.1 versions prior to 22.1R3-S3; * 22.2 versions prior to 22.2R3-S2; * 22.3 versions prior to 22.3R2-S2, 22.3R3; * 22.4 versions prior to 22.4R2-S1, 22.4R3.	A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to user.php that doesn't require authentication an attacker is able to upload arbitrary files via J-Web, leading to a loss of integrity for a certain part of the file system, which may allow chaining to other vulnerabilities. This issue affects Juniper Networks Junos OS on SRX Series: * All versions prior to 20.4R3-S8; * 21.1 versions 21.1R1 and later; * 21.2 versions prior to 21.2R3-S6; * 21.3 versions prior to 21.3R3-S5; * 21.4 versions prior to 21.4R3-S5; * 22.1 versions prior to 22.1R3-S3; * 22.2 versions prior to 22.2R3-S2; * 22.3 versions prior to 22.3R2-S2, 22.3R3; * 22.4 versions prior to 22.4R2-S1, 22.4R3.
Removed	Reference	http://packetstormsecurity.com/files/174397/Juniper-JunOS-SRX-EX-Remote-Code-Execution.html [No Types Assigned]

CVE Modified by [email protected]

Aug. 30, 2023

Action	Type	Old Value	New Value
Added	Reference		http://packetstormsecurity.com/files/174397/Juniper-JunOS-SRX-EX-Remote-Code-Execution.html [No Types Assigned]

Initial Analysis by [email protected]

Aug. 24, 2023

Action	Type	Old Value	New Value
Changed	Reference Type	https://supportportal.juniper.net/JSA72300 No Types Assigned	https://supportportal.juniper.net/JSA72300 Mitigation, Vendor Advisory
Added	CWE		NIST CWE-306
Added	CPE Configuration		AND OR cpe:2.3:o:juniper:junos::::::::* versions up to (excluding) 20.4 cpe:2.3:o:juniper:junos:20.4:-::::::* cpe:2.3:o:juniper:junos:20.4:r1::::::* cpe:2.3:o:juniper:junos:20.4:r1-s1::::::* cpe:2.3:o:juniper:junos:20.4:r2::::::* cpe:2.3:o:juniper:junos:20.4:r2-s1::::::* cpe:2.3:o:juniper:junos:20.4:r2-s2::::::* cpe:2.3:o:juniper:junos:20.4:r3::::::* cpe:2.3:o:juniper:junos:20.4:r3-s1::::::* cpe:2.3:o:juniper:junos:20.4:r3-s2::::::* cpe:2.3:o:juniper:junos:20.4:r3-s3::::::* cpe:2.3:o:juniper:junos:20.4:r3-s4::::::* cpe:2.3:o:juniper:junos:20.4:r3-s5::::::* cpe:2.3:o:juniper:junos:20.4:r3-s6::::::* cpe:2.3:o:juniper:junos:20.4:r3-s7::::::* cpe:2.3:o:juniper:junos:21.1:r1::::::* cpe:2.3:o:juniper:junos:21.1:r1-s1::::::* cpe:2.3:o:juniper:junos:21.1:r2::::::* cpe:2.3:o:juniper:junos:21.1:r2-s1::::::* cpe:2.3:o:juniper:junos:21.1:r2-s2::::::* cpe:2.3:o:juniper:junos:21.1:r3::::::* cpe:2.3:o:juniper:junos:21.1:r3-s1::::::* cpe:2.3:o:juniper:junos:21.1:r3-s2::::::* cpe:2.3:o:juniper:junos:21.1:r3-s3::::::* cpe:2.3:o:juniper:junos:21.1:r3-s4::::::* cpe:2.3:o:juniper:junos:21.1:r3-s5::::::* cpe:2.3:o:juniper:junos:21.2:-::::::* cpe:2.3:o:juniper:junos:21.2:r1::::::* cpe:2.3:o:juniper:junos:21.2:r1-s1::::::* cpe:2.3:o:juniper:junos:21.2:r1-s2::::::* cpe:2.3:o:juniper:junos:21.2:r2::::::* cpe:2.3:o:juniper:junos:21.2:r2-s1::::::* cpe:2.3:o:juniper:junos:21.2:r2-s2::::::* cpe:2.3:o:juniper:junos:21.2:r3::::::* cpe:2.3:o:juniper:junos:21.2:r3-s1::::::* cpe:2.3:o:juniper:junos:21.2:r3-s2::::::* cpe:2.3:o:juniper:junos:21.2:r3-s3::::::* cpe:2.3:o:juniper:junos:21.2:r3-s4::::::* cpe:2.3:o:juniper:junos:21.2:r3-s5::::::* cpe:2.3:o:juniper:junos:21.3:-::::::* cpe:2.3:o:juniper:junos:21.3:r1::::::* cpe:2.3:o:juniper:junos:21.3:r1-s1::::::* cpe:2.3:o:juniper:junos:21.3:r1-s2::::::* cpe:2.3:o:juniper:junos:21.3:r2::::::* cpe:2.3:o:juniper:junos:21.3:r2-s1::::::* cpe:2.3:o:juniper:junos:21.3:r2-s2::::::* cpe:2.3:o:juniper:junos:21.3:r3::::::* cpe:2.3:o:juniper:junos:21.3:r3-s1::::::* cpe:2.3:o:juniper:junos:21.3:r3-s2::::::* cpe:2.3:o:juniper:junos:21.3:r3-s3::::::* cpe:2.3:o:juniper:junos:21.3:r3-s4::::::* cpe:2.3:o:juniper:junos:21.4:-::::::* cpe:2.3:o:juniper:junos:21.4:r1::::::* cpe:2.3:o:juniper:junos:21.4:r1-s1::::::* cpe:2.3:o:juniper:junos:21.4:r1-s2::::::* cpe:2.3:o:juniper:junos:21.4:r2::::::* cpe:2.3:o:juniper:junos:21.4:r2-s1::::::* cpe:2.3:o:juniper:junos:21.4:r2-s2::::::* cpe:2.3:o:juniper:junos:21.4:r3::::::* cpe:2.3:o:juniper:junos:21.4:r3-s1::::::* cpe:2.3:o:juniper:junos:21.4:r3-s2::::::* cpe:2.3:o:juniper:junos:21.4:r3-s3::::::* cpe:2.3:o:juniper:junos:21.4:r3-s4::::::* cpe:2.3:o:juniper:junos:22.1:r1::::::* cpe:2.3:o:juniper:junos:22.1:r1-s1::::::* cpe:2.3:o:juniper:junos:22.1:r1-s2::::::* cpe:2.3:o:juniper:junos:22.1:r2::::::* cpe:2.3:o:juniper:junos:22.1:r2-s1::::::* cpe:2.3:o:juniper:junos:22.1:r2-s2::::::* cpe:2.3:o:juniper:junos:22.1:r3::::::* cpe:2.3:o:juniper:junos:22.1:r3-s1::::::* cpe:2.3:o:juniper:junos:22.1:r3-s2::::::* cpe:2.3:o:juniper:junos:22.2:r1::::::* cpe:2.3:o:juniper:junos:22.2:r1-s1::::::* cpe:2.3:o:juniper:junos:22.2:r1-s2::::::* cpe:2.3:o:juniper:junos:22.2:r2::::::* cpe:2.3:o:juniper:junos:22.2:r2-s1::::::* cpe:2.3:o:juniper:junos:22.2:r2-s2::::::* cpe:2.3:o:juniper:junos:22.2:r3::::::* cpe:2.3:o:juniper:junos:22.2:r3-s1::::::* cpe:2.3:o:juniper:junos:22.3:r1::::::* cpe:2.3:o:juniper:junos:22.3:r1-s1::::::* cpe:2.3:o:juniper:junos:22.3:r1-s2::::::* cpe:2.3:o:juniper:junos:22.3:r2::::::* cpe:2.3:o:juniper:junos:22.3:r2-s1::::::* cpe:2.3:o:juniper:junos:22.4:r1::::::* cpe:2.3:o:juniper:junos:22.4:r1-s1::::::* cpe:2.3:o:juniper:junos:22.4:r1-s2::::::* cpe:2.3:o:juniper:junos:22.4:r2::::::* OR cpe:2.3:h:juniper:srx100:-:::::::* cpe:2.3:h:juniper:srx110:-:::::::* cpe:2.3:h:juniper:srx1400:-:::::::* cpe:2.3:h:juniper:srx1500:-:::::::* cpe:2.3:h:juniper:srx210:-:::::::* cpe:2.3:h:juniper:srx220:-:::::::* cpe:2.3:h:juniper:srx240:-:::::::* cpe:2.3:h:juniper:srx240h2:-:::::::* cpe:2.3:h:juniper:srx240m:-:::::::* cpe:2.3:h:juniper:srx300:-:::::::* cpe:2.3:h:juniper:srx320:-:::::::* cpe:2.3:h:juniper:srx340:-:::::::* cpe:2.3:h:juniper:srx3400:-:::::::* cpe:2.3:h:juniper:srx345:-:::::::* cpe:2.3:h:juniper:srx3600:-:::::::* cpe:2.3:h:juniper:srx380:-:::::::* cpe:2.3:h:juniper:srx4000:-:::::::* cpe:2.3:h:juniper:srx4100:-:::::::* cpe:2.3:h:juniper:srx4200:-:::::::* cpe:2.3:h:juniper:srx4600:-:::::::* cpe:2.3:h:juniper:srx5000:-:::::::* cpe:2.3:h:juniper:srx5400:-:::::::* cpe:2.3:h:juniper:srx550:-:::::::* cpe:2.3:h:juniper:srx550_hm:-:::::::* cpe:2.3:h:juniper:srx550m:-:::::::* cpe:2.3:h:juniper:srx5600:-:::::::* cpe:2.3:h:juniper:srx5800:-:::::::* cpe:2.3:h:juniper:srx650:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:juniper:junos::::::::* versions up to (excluding) 20.4 cpe:2.3:o:juniper:junos:20.4:-::::::* cpe:2.3:o:juniper:junos:20.4:r1::::::* cpe:2.3:o:juniper:junos:20.4:r1-s1::::::* cpe:2.3:o:juniper:junos:20.4:r2::::::* cpe:2.3:o:juniper:junos:20.4:r2-s1::::::* cpe:2.3:o:juniper:junos:20.4:r2-s2::::::* cpe:2.3:o:juniper:junos:20.4:r3::::::* cpe:2.3:o:juniper:junos:20.4:r3-s1::::::* cpe:2.3:o:juniper:junos:20.4:r3-s2::::::* cpe:2.3:o:juniper:junos:20.4:r3-s3::::::* cpe:2.3:o:juniper:junos:20.4:r3-s4::::::* cpe:2.3:o:juniper:junos:20.4:r3-s5::::::* cpe:2.3:o:juniper:junos:20.4:r3-s6::::::* cpe:2.3:o:juniper:junos:20.4:r3-s7::::::* cpe:2.3:o:juniper:junos:21.1:r1::::::* cpe:2.3:o:juniper:junos:21.1:r1-s1::::::* cpe:2.3:o:juniper:junos:21.1:r2::::::* cpe:2.3:o:juniper:junos:21.1:r2-s1::::::* cpe:2.3:o:juniper:junos:21.1:r2-s2::::::* cpe:2.3:o:juniper:junos:21.1:r3::::::* cpe:2.3:o:juniper:junos:21.1:r3-s1::::::* cpe:2.3:o:juniper:junos:21.1:r3-s2::::::* cpe:2.3:o:juniper:junos:21.1:r3-s3::::::* cpe:2.3:o:juniper:junos:21.1:r3-s4::::::* cpe:2.3:o:juniper:junos:21.1:r3-s5::::::* cpe:2.3:o:juniper:junos:21.2:-::::::* cpe:2.3:o:juniper:junos:21.2:r1::::::* cpe:2.3:o:juniper:junos:21.2:r1-s1::::::* cpe:2.3:o:juniper:junos:21.2:r1-s2::::::* cpe:2.3:o:juniper:junos:21.2:r2::::::* cpe:2.3:o:juniper:junos:21.2:r2-s1::::::* cpe:2.3:o:juniper:junos:21.2:r2-s2::::::* cpe:2.3:o:juniper:junos:21.2:r3::::::* cpe:2.3:o:juniper:junos:21.2:r3-s1::::::* cpe:2.3:o:juniper:junos:21.2:r3-s2::::::* cpe:2.3:o:juniper:junos:21.2:r3-s3::::::* cpe:2.3:o:juniper:junos:21.2:r3-s4::::::* cpe:2.3:o:juniper:junos:21.2:r3-s5::::::* cpe:2.3:o:juniper:junos:21.3:-::::::* cpe:2.3:o:juniper:junos:21.3:r1::::::* cpe:2.3:o:juniper:junos:21.3:r1-s1::::::* cpe:2.3:o:juniper:junos:21.3:r1-s2::::::* cpe:2.3:o:juniper:junos:21.3:r2::::::* cpe:2.3:o:juniper:junos:21.3:r2-s1::::::* cpe:2.3:o:juniper:junos:21.3:r2-s2::::::* cpe:2.3:o:juniper:junos:21.3:r3::::::* cpe:2.3:o:juniper:junos:21.3:r3-s1::::::* cpe:2.3:o:juniper:junos:21.3:r3-s2::::::* cpe:2.3:o:juniper:junos:21.3:r3-s3::::::* cpe:2.3:o:juniper:junos:21.3:r3-s4::::::* cpe:2.3:o:juniper:junos:21.4:-::::::* cpe:2.3:o:juniper:junos:21.4:r1::::::* cpe:2.3:o:juniper:junos:21.4:r1-s1::::::* cpe:2.3:o:juniper:junos:21.4:r1-s2::::::* cpe:2.3:o:juniper:junos:21.4:r2::::::* cpe:2.3:o:juniper:junos:21.4:r2-s1::::::* cpe:2.3:o:juniper:junos:21.4:r2-s2::::::* cpe:2.3:o:juniper:junos:21.4:r3::::::* cpe:2.3:o:juniper:junos:21.4:r3-s1::::::* cpe:2.3:o:juniper:junos:21.4:r3-s2::::::* cpe:2.3:o:juniper:junos:21.4:r3-s3::::::* cpe:2.3:o:juniper:junos:21.4:r3-s4::::::* cpe:2.3:o:juniper:junos:22.1:r1::::::* cpe:2.3:o:juniper:junos:22.1:r1-s1::::::* cpe:2.3:o:juniper:junos:22.1:r1-s2::::::* cpe:2.3:o:juniper:junos:22.1:r2::::::* cpe:2.3:o:juniper:junos:22.1:r2-s1::::::* cpe:2.3:o:juniper:junos:22.1:r2-s2::::::* cpe:2.3:o:juniper:junos:22.1:r3::::::* cpe:2.3:o:juniper:junos:22.1:r3-s1::::::* cpe:2.3:o:juniper:junos:22.1:r3-s2::::::* cpe:2.3:o:juniper:junos:22.2:r1::::::* cpe:2.3:o:juniper:junos:22.2:r1-s1::::::* cpe:2.3:o:juniper:junos:22.2:r1-s2::::::* cpe:2.3:o:juniper:junos:22.2:r2::::::* cpe:2.3:o:juniper:junos:22.2:r2-s1::::::* cpe:2.3:o:juniper:junos:22.2:r2-s2::::::* cpe:2.3:o:juniper:junos:22.2:r3::::::* cpe:2.3:o:juniper:junos:22.2:r3-s1::::::* cpe:2.3:o:juniper:junos:22.3:r1::::::* cpe:2.3:o:juniper:junos:22.3:r1-s1::::::* cpe:2.3:o:juniper:junos:22.3:r1-s2::::::* cpe:2.3:o:juniper:junos:22.3:r2::::::* cpe:2.3:o:juniper:junos:22.3:r2-s1::::::* cpe:2.3:o:juniper:junos:22.4:r1::::::* cpe:2.3:o:juniper:junos:22.4:r1-s1::::::* cpe:2.3:o:juniper:junos:22.4:r1-s2::::::* cpe:2.3:o:juniper:junos:22.4:r2::::::* OR cpe:2.3:h:juniper:ex2200:-:::::::* cpe:2.3:h:juniper:ex2200-c:-:::::::* cpe:2.3:h:juniper:ex2200-vc:-:::::::* cpe:2.3:h:juniper:ex2300:-:::::::* cpe:2.3:h:juniper:ex2300-24mp:-:::::::* cpe:2.3:h:juniper:ex2300-24p:-:::::::* cpe:2.3:h:juniper:ex2300-24t:-:::::::* cpe:2.3:h:juniper:ex2300-48mp:-:::::::* cpe:2.3:h:juniper:ex2300-48p:-:::::::* cpe:2.3:h:juniper:ex2300-48t:-:::::::* cpe:2.3:h:juniper:ex2300-c:-:::::::* cpe:2.3:h:juniper:ex2300m:-:::::::* cpe:2.3:h:juniper:ex3200:-:::::::* cpe:2.3:h:juniper:ex3300:-:::::::* cpe:2.3:h:juniper:ex3300-vc:-:::::::* cpe:2.3:h:juniper:ex3400:-:::::::* cpe:2.3:h:juniper:ex4200:-:::::::* cpe:2.3:h:juniper:ex4200-vc:-:::::::* cpe:2.3:h:juniper:ex4300:-:::::::* cpe:2.3:h:juniper:ex4300-24p:-:::::::* cpe:2.3:h:juniper:ex4300-24p-s:-:::::::* cpe:2.3:h:juniper:ex4300-24t:-:::::::* cpe:2.3:h:juniper:ex4300-24t-s:-:::::::* cpe:2.3:h:juniper:ex4300-32f:-:::::::* cpe:2.3:h:juniper:ex4300-32f-dc:-:::::::* cpe:2.3:h:juniper:ex4300-32f-s:-:::::::* cpe:2.3:h:juniper:ex4300-48mp:-:::::::* cpe:2.3:h:juniper:ex4300-48mp-s:-:::::::* cpe:2.3:h:juniper:ex4300-48p:-:::::::* cpe:2.3:h:juniper:ex4300-48p-s:-:::::::* cpe:2.3:h:juniper:ex4300-48t:-:::::::* cpe:2.3:h:juniper:ex4300-48t-afi:-:::::::* cpe:2.3:h:juniper:ex4300-48t-dc:-:::::::* cpe:2.3:h:juniper:ex4300-48t-dc-afi:-:::::::* cpe:2.3:h:juniper:ex4300-48t-s:-:::::::* cpe:2.3:h:juniper:ex4300-48tafi:-:::::::* cpe:2.3:h:juniper:ex4300-48tdc:-:::::::* cpe:2.3:h:juniper:ex4300-48tdc-afi:-:::::::* cpe:2.3:h:juniper:ex4300-mp:-:::::::* cpe:2.3:h:juniper:ex4300-vc:-:::::::* cpe:2.3:h:juniper:ex4300m:-:::::::* cpe:2.3:h:juniper:ex4400:-:::::::* cpe:2.3:h:juniper:ex4500:-:::::::* cpe:2.3:h:juniper:ex4500-vc:-:::::::* cpe:2.3:h:juniper:ex4550:-:::::::* cpe:2.3:h:juniper:ex4550-vc:-:::::::* cpe:2.3:h:juniper:ex4550\/vc:-:::::::* cpe:2.3:h:juniper:ex4600:-:::::::* cpe:2.3:h:juniper:ex4600-vc:-:::::::* cpe:2.3:h:juniper:ex4650:-:::::::* cpe:2.3:h:juniper:ex6200:-:::::::* cpe:2.3:h:juniper:ex6210:-:::::::* cpe:2.3:h:juniper:ex8200:-:::::::* cpe:2.3:h:juniper:ex8200-vc:-:::::::* cpe:2.3:h:juniper:ex8208:-:::::::* cpe:2.3:h:juniper:ex8216:-:::::::* cpe:2.3:h:juniper:ex9200:-:::::::* cpe:2.3:h:juniper:ex9204:-:::::::* cpe:2.3:h:juniper:ex9208:-:::::::* cpe:2.3:h:juniper:ex9214:-:::::::* cpe:2.3:h:juniper:ex9250:-:::::::* cpe:2.3:h:juniper:ex9251:-:::::::* cpe:2.3:h:juniper:ex9253:-:::::::*

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.

CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2023-36846 is associated with the following CWEs:

CWE-306: Missing Authentication for Critical Function

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2023-36846 weaknesses.

CAPEC-12: Choosing Message Identifier Choosing Message Identifier CAPEC-36: Using Unpublished Interfaces or Functionality Using Unpublished Interfaces or Functionality CAPEC-62: Cross Site Request Forgery Cross Site Request Forgery CAPEC-166: Force the System to Reset Values Force the System to Reset Values CAPEC-216: Communication Channel Manipulation Communication Channel Manipulation

CVE-2023-36846

Juniper Junos OS SRX Series Missing Authentication - [Actively Exploited]

Description

INFO

Aug. 17, 2023, 8:15 p.m.

June 27, 2024, 6:29 p.m.

Yes !

1.4

3.9

CISA KEV (Known Exploited Vulnerabilities)

Public PoC/Exploit Available at Github

Affected Products

References to Advisories, Solutions, and Tools

Modified Analysis by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

Initial Analysis by [email protected]

CWE - Common Weakness Enumeration

Common Attack Pattern Enumeration and Classification (CAPEC)

Exploit Prediction

1.01 }} 0.27%

0.83895

CVSS31 - Vulnerability Scoring System

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable