CVE-2023-36851

5.3

MEDIUM

Juniper Junos OS SRX Series Missing Authentication - [Actively Exploited]

Description

A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to webauth_operation.php that doesn't require authentication, an attacker is able to upload and download arbitrary files via J-Web, leading to a loss of integrity or confidentiality, which may allow chaining to other vulnerabilities. This issue affects Juniper Networks Junos OS on SRX Series: * 21.2 versions prior to 21.2R3-S8; * 21.4 versions prior to 21.4R3-S6; * 22.1 versions prior to 22.1R3-S5; * 22.2 versions prior to 22.2R3-S3; * 22.3 versions prior to 22.3R3-S2; * 22.4 versions prior to 22,4R2-S2, 22.4R3; * 23.2 versions prior to 23.2R1-S2, 23.2R2.

INFO

Published Date :

Sept. 27, 2023, 3:18 p.m.

Last Modified :

June 26, 2024, 8:17 p.m.

Source :

[email protected]

Remotely Exploitable :

Yes !

Impact Score :

1.4

Exploitability Score :

3.9

CISA Notification

CISA KEV (Known Exploited Vulnerabilities)

For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild.

Due Date: Nov 17, 2023

Alert Date: Nov 13, 2023 | 375 days ago

Description :

Juniper Junos OS on SRX Series contains a missing authentication for critical function vulnerability that allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to webauth_operation.php that doesn't require authentication, an attacker is able to upload arbitrary files via J-Web, leading to a loss of integrity for a certain part of the file system, which may allow chaining to other vulnerabilities.

Required Action :

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Notes :

https://supportportal.juniper.net/s/article/2023-08-Out-of-Cycle-Security-Bulletin-Junos-OS-SRX-Series-and-EX-Series-Multiple-vulnerabilities-in-J-Web-can-be-combined-to-allow-a-preAuth-Remote-Code-Execution?language=en_US

Public PoC/Exploit Available at Github

CVE-2023-36851 has a 1 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

Affected Products

The following products are affected by CVE-2023-36851 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID	Vendor	Product
1	Juniper	junos
2	Juniper	srx100
3	Juniper	srx110
4	Juniper	srx210
5	Juniper	srx220
6	Juniper	srx240
7	Juniper	srx550
8	Juniper	srx650
9	Juniper	srx1400
10	Juniper	srx3400
11	Juniper	srx3600
12	Juniper	srx5600
13	Juniper	srx5800
14	Juniper	ex2200
15	Juniper	ex2200-c
16	Juniper	ex2200-vc
17	Juniper	ex2300
18	Juniper	ex2300-24mp
19	Juniper	ex2300-24p
20	Juniper	ex2300-24t
21	Juniper	ex2300-48mp
22	Juniper	ex2300-48p
23	Juniper	ex2300-48t
24	Juniper	ex2300-c
25	Juniper	ex2300m
26	Juniper	ex3200
27	Juniper	ex3300
28	Juniper	ex3300-vc
29	Juniper	ex3400
30	Juniper	ex4200
31	Juniper	ex4200-vc
32	Juniper	ex4300
33	Juniper	ex4300-24p
34	Juniper	ex4300-24p-s
35	Juniper	ex4300-24t
36	Juniper	ex4300-24t-s
37	Juniper	ex4300-32f
38	Juniper	ex4300-32f-dc
39	Juniper	ex4300-32f-s
40	Juniper	ex4300-48mp
41	Juniper	ex4300-48mp-s
42	Juniper	ex4300-48p
43	Juniper	ex4300-48p-s
44	Juniper	ex4300-48t
45	Juniper	ex4300-48t-afi
46	Juniper	ex4300-48t-dc
47	Juniper	ex4300-48t-dc-afi
48	Juniper	ex4300-48t-s
49	Juniper	ex4300-48tafi
50	Juniper	ex4300-48tdc
51	Juniper	ex4300-48tdc-afi
52	Juniper	ex4300-mp
53	Juniper	ex4300-vc
54	Juniper	ex4300m
55	Juniper	ex4400
56	Juniper	ex4500
57	Juniper	ex4500-vc
58	Juniper	ex4550
59	Juniper	ex4550-vc
60	Juniper	ex4550\/vc
61	Juniper	ex4600
62	Juniper	ex4600-vc
63	Juniper	ex4650
64	Juniper	ex6200
65	Juniper	ex6210
66	Juniper	ex8200
67	Juniper	ex8200-vc
68	Juniper	ex8208
69	Juniper	ex8216
70	Juniper	ex9200
71	Juniper	ex9204
72	Juniper	ex9208
73	Juniper	ex9214
74	Juniper	ex9250
75	Juniper	ex9251
76	Juniper	ex9253
77	Juniper	srx1500
78	Juniper	srx240h2
79	Juniper	srx240m
80	Juniper	srx300
81	Juniper	srx320
82	Juniper	srx340
83	Juniper	srx345
84	Juniper	srx380
85	Juniper	srx4000
86	Juniper	srx4100
87	Juniper	srx4200
88	Juniper	srx4600
89	Juniper	srx5000
90	Juniper	srx5400
91	Juniper	srx550_hm
92	Juniper	srx550m

: Total Affected Vendor : 1 | Products : 92

References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2023-36851.

URL	Resource
https://supportportal.juniper.net/JSA72300	Mitigation Vendor Advisory

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Ostorlab/KEV

Ostorlab KEV: One-command to detect most remotely known exploitable vulnerabilities. Sourced from CISA KEV, Google's Tsunami, Ostorlab's Asteroid and Bug Bounty programs.

cisa-kev vulnerability 0day cisa exploits

Updated: 2 months, 2 weeks ago

516 stars 32 fork 32 watcher

Born at : April 19, 2022, 8:58 a.m. This repo has been linked 1181 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2023-36851 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2023-36851 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

Modified Analysis by [email protected]

Jun. 26, 2024

Action	Type	Old Value	New Value
Changed	CPE Configuration	AND OR cpe:2.3:h:juniper:ex2200:-:::::::* cpe:2.3:h:juniper:ex2200-c:-:::::::* cpe:2.3:h:juniper:ex2200-vc:-:::::::* cpe:2.3:h:juniper:ex2300:-:::::::* cpe:2.3:h:juniper:ex2300-24mp:-:::::::* cpe:2.3:h:juniper:ex2300-24p:-:::::::* cpe:2.3:h:juniper:ex2300-24t:-:::::::* cpe:2.3:h:juniper:ex2300-48mp:-:::::::* cpe:2.3:h:juniper:ex2300-48p:-:::::::* cpe:2.3:h:juniper:ex2300-48t:-:::::::* cpe:2.3:h:juniper:ex2300-c:-:::::::* cpe:2.3:h:juniper:ex2300m:-:::::::* cpe:2.3:h:juniper:ex3200:-:::::::* cpe:2.3:h:juniper:ex3300:-:::::::* cpe:2.3:h:juniper:ex3300-vc:-:::::::* cpe:2.3:h:juniper:ex3400:-:::::::* cpe:2.3:h:juniper:ex4200:-:::::::* cpe:2.3:h:juniper:ex4200-vc:-:::::::* cpe:2.3:h:juniper:ex4300:-:::::::* cpe:2.3:h:juniper:ex4300-24p:-:::::::* cpe:2.3:h:juniper:ex4300-24p-s:-:::::::* cpe:2.3:h:juniper:ex4300-24t:-:::::::* cpe:2.3:h:juniper:ex4300-24t-s:-:::::::* cpe:2.3:h:juniper:ex4300-32f:-:::::::* cpe:2.3:h:juniper:ex4300-32f-dc:-:::::::* cpe:2.3:h:juniper:ex4300-32f-s:-:::::::* cpe:2.3:h:juniper:ex4300-48mp:-:::::::* cpe:2.3:h:juniper:ex4300-48mp-s:-:::::::* cpe:2.3:h:juniper:ex4300-48p:-:::::::* cpe:2.3:h:juniper:ex4300-48p-s:-:::::::* cpe:2.3:h:juniper:ex4300-48t:-:::::::* cpe:2.3:h:juniper:ex4300-48t-afi:-:::::::* cpe:2.3:h:juniper:ex4300-48t-dc:-:::::::* cpe:2.3:h:juniper:ex4300-48t-dc-afi:-:::::::* cpe:2.3:h:juniper:ex4300-48t-s:-:::::::* cpe:2.3:h:juniper:ex4300-48tafi:-:::::::* cpe:2.3:h:juniper:ex4300-48tdc:-:::::::* cpe:2.3:h:juniper:ex4300-48tdc-afi:-:::::::* cpe:2.3:h:juniper:ex4300-mp:-:::::::* cpe:2.3:h:juniper:ex4300-vc:-:::::::* cpe:2.3:h:juniper:ex4300m:-:::::::* cpe:2.3:h:juniper:ex4400:-:::::::* cpe:2.3:h:juniper:ex4500:-:::::::* cpe:2.3:h:juniper:ex4500-vc:-:::::::* cpe:2.3:h:juniper:ex4550:-:::::::* cpe:2.3:h:juniper:ex4550-vc:-:::::::* cpe:2.3:h:juniper:ex4550\/vc:-:::::::* cpe:2.3:h:juniper:ex4600:-:::::::* cpe:2.3:h:juniper:ex4600-vc:-:::::::* cpe:2.3:h:juniper:ex4650:-:::::::* cpe:2.3:h:juniper:ex6200:-:::::::* cpe:2.3:h:juniper:ex6210:-:::::::* cpe:2.3:h:juniper:ex8200:-:::::::* cpe:2.3:h:juniper:ex8200-vc:-:::::::* cpe:2.3:h:juniper:ex8208:-:::::::* cpe:2.3:h:juniper:ex8216:-:::::::* cpe:2.3:h:juniper:ex9200:-:::::::* cpe:2.3:h:juniper:ex9204:-:::::::* cpe:2.3:h:juniper:ex9208:-:::::::* cpe:2.3:h:juniper:ex9214:-:::::::* cpe:2.3:h:juniper:ex9250:-:::::::* cpe:2.3:h:juniper:ex9251:-:::::::* cpe:2.3:h:juniper:ex9253:-:::::::* cpe:2.3:h:juniper:srx100:-:::::::* cpe:2.3:h:juniper:srx110:-:::::::* cpe:2.3:h:juniper:srx1400:-:::::::* cpe:2.3:h:juniper:srx1500:-:::::::* cpe:2.3:h:juniper:srx210:-:::::::* cpe:2.3:h:juniper:srx220:-:::::::* cpe:2.3:h:juniper:srx240:-:::::::* cpe:2.3:h:juniper:srx240h2:-:::::::* cpe:2.3:h:juniper:srx240m:-:::::::* cpe:2.3:h:juniper:srx300:-:::::::* cpe:2.3:h:juniper:srx320:-:::::::* cpe:2.3:h:juniper:srx340:-:::::::* cpe:2.3:h:juniper:srx3400:-:::::::* cpe:2.3:h:juniper:srx345:-:::::::* cpe:2.3:h:juniper:srx3600:-:::::::* cpe:2.3:h:juniper:srx380:-:::::::* cpe:2.3:h:juniper:srx4000:-:::::::* cpe:2.3:h:juniper:srx4100:-:::::::* cpe:2.3:h:juniper:srx4200:-:::::::* cpe:2.3:h:juniper:srx4600:-:::::::* cpe:2.3:h:juniper:srx5000:-:::::::* cpe:2.3:h:juniper:srx5400:-:::::::* cpe:2.3:h:juniper:srx550:-:::::::* cpe:2.3:h:juniper:srx550_hm:-:::::::* cpe:2.3:h:juniper:srx550m:-:::::::* cpe:2.3:h:juniper:srx5600:-:::::::* cpe:2.3:h:juniper:srx5800:-:::::::* cpe:2.3:h:juniper:srx650:-:::::::* OR cpe:2.3:o:juniper:junos::::::::* versions up to (excluding) 20.4 cpe:2.3:o:juniper:junos:20.4:-::::::* cpe:2.3:o:juniper:junos:20.4:r1::::::* cpe:2.3:o:juniper:junos:20.4:r1-s1::::::* cpe:2.3:o:juniper:junos:20.4:r2::::::* cpe:2.3:o:juniper:junos:20.4:r2-s1::::::* cpe:2.3:o:juniper:junos:20.4:r2-s2::::::* cpe:2.3:o:juniper:junos:20.4:r3::::::* cpe:2.3:o:juniper:junos:20.4:r3-s1::::::* cpe:2.3:o:juniper:junos:20.4:r3-s2::::::* cpe:2.3:o:juniper:junos:20.4:r3-s3::::::* cpe:2.3:o:juniper:junos:20.4:r3-s4::::::* cpe:2.3:o:juniper:junos:20.4:r3-s5::::::* cpe:2.3:o:juniper:junos:20.4:r3-s6::::::* cpe:2.3:o:juniper:junos:20.4:r3-s7::::::* cpe:2.3:o:juniper:junos:20.4:r3-s8::::::* cpe:2.3:o:juniper:junos:21.1:r1::::::* cpe:2.3:o:juniper:junos:21.1:r1-s1::::::* cpe:2.3:o:juniper:junos:21.1:r2::::::* cpe:2.3:o:juniper:junos:21.1:r2-s1::::::* cpe:2.3:o:juniper:junos:21.1:r2-s2::::::* cpe:2.3:o:juniper:junos:21.1:r3::::::* cpe:2.3:o:juniper:junos:21.1:r3-s1::::::* cpe:2.3:o:juniper:junos:21.1:r3-s2::::::* cpe:2.3:o:juniper:junos:21.1:r3-s3::::::* cpe:2.3:o:juniper:junos:21.1:r3-s4::::::* cpe:2.3:o:juniper:junos:21.1:r3-s5::::::* cpe:2.3:o:juniper:junos:21.2:-::::::* cpe:2.3:o:juniper:junos:21.2:r1::::::* cpe:2.3:o:juniper:junos:21.2:r1-s1::::::* cpe:2.3:o:juniper:junos:21.2:r1-s2::::::* cpe:2.3:o:juniper:junos:21.2:r2::::::* cpe:2.3:o:juniper:junos:21.2:r2-s1::::::* cpe:2.3:o:juniper:junos:21.2:r2-s2::::::* cpe:2.3:o:juniper:junos:21.2:r3::::::* cpe:2.3:o:juniper:junos:21.2:r3-s1::::::* cpe:2.3:o:juniper:junos:21.2:r3-s2::::::* cpe:2.3:o:juniper:junos:21.2:r3-s3::::::* cpe:2.3:o:juniper:junos:21.2:r3-s4::::::* cpe:2.3:o:juniper:junos:21.2:r3-s5::::::* cpe:2.3:o:juniper:junos:21.2:r3-s6::::::* cpe:2.3:o:juniper:junos:21.3:-::::::* cpe:2.3:o:juniper:junos:21.3:r1::::::* cpe:2.3:o:juniper:junos:21.3:r1-s1::::::* cpe:2.3:o:juniper:junos:21.3:r1-s2::::::* cpe:2.3:o:juniper:junos:21.3:r2::::::* cpe:2.3:o:juniper:junos:21.3:r2-s1::::::* cpe:2.3:o:juniper:junos:21.3:r2-s2::::::* cpe:2.3:o:juniper:junos:21.3:r3::::::* cpe:2.3:o:juniper:junos:21.3:r3-s1::::::* cpe:2.3:o:juniper:junos:21.3:r3-s2::::::* cpe:2.3:o:juniper:junos:21.3:r3-s3::::::* cpe:2.3:o:juniper:junos:21.3:r3-s4::::::* cpe:2.3:o:juniper:junos:21.4:-::::::* cpe:2.3:o:juniper:junos:21.4:r1::::::* cpe:2.3:o:juniper:junos:21.4:r1-s1::::::* cpe:2.3:o:juniper:junos:21.4:r1-s2::::::* cpe:2.3:o:juniper:junos:21.4:r2::::::* cpe:2.3:o:juniper:junos:21.4:r2-s1::::::* cpe:2.3:o:juniper:junos:21.4:r2-s2::::::* cpe:2.3:o:juniper:junos:21.4:r3::::::* cpe:2.3:o:juniper:junos:21.4:r3-s1::::::* cpe:2.3:o:juniper:junos:21.4:r3-s2::::::* cpe:2.3:o:juniper:junos:21.4:r3-s3::::::* cpe:2.3:o:juniper:junos:21.4:r3-s4::::::* cpe:2.3:o:juniper:junos:22.1:r1::::::* cpe:2.3:o:juniper:junos:22.1:r1-s1::::::* cpe:2.3:o:juniper:junos:22.1:r1-s2::::::* cpe:2.3:o:juniper:junos:22.1:r2::::::* cpe:2.3:o:juniper:junos:22.1:r2-s1::::::* cpe:2.3:o:juniper:junos:22.1:r2-s2::::::* cpe:2.3:o:juniper:junos:22.1:r3::::::* cpe:2.3:o:juniper:junos:22.1:r3-s1::::::* cpe:2.3:o:juniper:junos:22.1:r3-s2::::::* cpe:2.3:o:juniper:junos:22.1:r3-s3::::::* cpe:2.3:o:juniper:junos:22.2:r1::::::* cpe:2.3:o:juniper:junos:22.2:r1-s1::::::* cpe:2.3:o:juniper:junos:22.2:r1-s2::::::* cpe:2.3:o:juniper:junos:22.2:r2::::::* cpe:2.3:o:juniper:junos:22.2:r2-s1::::::* cpe:2.3:o:juniper:junos:22.2:r2-s2::::::* cpe:2.3:o:juniper:junos:22.2:r3::::::* cpe:2.3:o:juniper:junos:22.2:r3-s1::::::* cpe:2.3:o:juniper:junos:22.3:r1::::::* cpe:2.3:o:juniper:junos:22.3:r1-s1::::::* cpe:2.3:o:juniper:junos:22.3:r1-s2::::::* cpe:2.3:o:juniper:junos:22.3:r2::::::* cpe:2.3:o:juniper:junos:22.3:r2-s1::::::* cpe:2.3:o:juniper:junos:22.4:r1::::::* cpe:2.3:o:juniper:junos:22.4:r1-s1::::::* cpe:2.3:o:juniper:junos:22.4:r1-s2::::::* cpe:2.3:o:juniper:junos:22.4:r2::::::* cpe:2.3:o:juniper:junos:23.2:r1::::::*	AND OR cpe:2.3:h:juniper:ex2200:-:::::::* cpe:2.3:h:juniper:ex2200-c:-:::::::* cpe:2.3:h:juniper:ex2200-vc:-:::::::* cpe:2.3:h:juniper:ex2300:-:::::::* cpe:2.3:h:juniper:ex2300-24mp:-:::::::* cpe:2.3:h:juniper:ex2300-24p:-:::::::* cpe:2.3:h:juniper:ex2300-24t:-:::::::* cpe:2.3:h:juniper:ex2300-48mp:-:::::::* cpe:2.3:h:juniper:ex2300-48p:-:::::::* cpe:2.3:h:juniper:ex2300-48t:-:::::::* cpe:2.3:h:juniper:ex2300-c:-:::::::* cpe:2.3:h:juniper:ex2300m:-:::::::* cpe:2.3:h:juniper:ex3200:-:::::::* cpe:2.3:h:juniper:ex3300:-:::::::* cpe:2.3:h:juniper:ex3300-vc:-:::::::* cpe:2.3:h:juniper:ex3400:-:::::::* cpe:2.3:h:juniper:ex4200:-:::::::* cpe:2.3:h:juniper:ex4200-vc:-:::::::* cpe:2.3:h:juniper:ex4300:-:::::::* cpe:2.3:h:juniper:ex4300-24p:-:::::::* cpe:2.3:h:juniper:ex4300-24p-s:-:::::::* cpe:2.3:h:juniper:ex4300-24t:-:::::::* cpe:2.3:h:juniper:ex4300-24t-s:-:::::::* cpe:2.3:h:juniper:ex4300-32f:-:::::::* cpe:2.3:h:juniper:ex4300-32f-dc:-:::::::* cpe:2.3:h:juniper:ex4300-32f-s:-:::::::* cpe:2.3:h:juniper:ex4300-48mp:-:::::::* cpe:2.3:h:juniper:ex4300-48mp-s:-:::::::* cpe:2.3:h:juniper:ex4300-48p:-:::::::* cpe:2.3:h:juniper:ex4300-48p-s:-:::::::* cpe:2.3:h:juniper:ex4300-48t:-:::::::* cpe:2.3:h:juniper:ex4300-48t-afi:-:::::::* cpe:2.3:h:juniper:ex4300-48t-dc:-:::::::* cpe:2.3:h:juniper:ex4300-48t-dc-afi:-:::::::* cpe:2.3:h:juniper:ex4300-48t-s:-:::::::* cpe:2.3:h:juniper:ex4300-48tafi:-:::::::* cpe:2.3:h:juniper:ex4300-48tdc:-:::::::* cpe:2.3:h:juniper:ex4300-48tdc-afi:-:::::::* cpe:2.3:h:juniper:ex4300-mp:-:::::::* cpe:2.3:h:juniper:ex4300-vc:-:::::::* cpe:2.3:h:juniper:ex4300m:-:::::::* cpe:2.3:h:juniper:ex4400:-:::::::* cpe:2.3:h:juniper:ex4500:-:::::::* cpe:2.3:h:juniper:ex4500-vc:-:::::::* cpe:2.3:h:juniper:ex4550:-:::::::* cpe:2.3:h:juniper:ex4550-vc:-:::::::* cpe:2.3:h:juniper:ex4550\/vc:-:::::::* cpe:2.3:h:juniper:ex4600:-:::::::* cpe:2.3:h:juniper:ex4600-vc:-:::::::* cpe:2.3:h:juniper:ex4650:-:::::::* cpe:2.3:h:juniper:ex6200:-:::::::* cpe:2.3:h:juniper:ex6210:-:::::::* cpe:2.3:h:juniper:ex8200:-:::::::* cpe:2.3:h:juniper:ex8200-vc:-:::::::* cpe:2.3:h:juniper:ex8208:-:::::::* cpe:2.3:h:juniper:ex8216:-:::::::* cpe:2.3:h:juniper:ex9200:-:::::::* cpe:2.3:h:juniper:ex9204:-:::::::* cpe:2.3:h:juniper:ex9208:-:::::::* cpe:2.3:h:juniper:ex9214:-:::::::* cpe:2.3:h:juniper:ex9250:-:::::::* cpe:2.3:h:juniper:ex9251:-:::::::* cpe:2.3:h:juniper:ex9253:-:::::::* cpe:2.3:h:juniper:srx100:-:::::::* cpe:2.3:h:juniper:srx110:-:::::::* cpe:2.3:h:juniper:srx1400:-:::::::* cpe:2.3:h:juniper:srx1500:-:::::::* cpe:2.3:h:juniper:srx210:-:::::::* cpe:2.3:h:juniper:srx220:-:::::::* cpe:2.3:h:juniper:srx240:-:::::::* cpe:2.3:h:juniper:srx240h2:-:::::::* cpe:2.3:h:juniper:srx240m:-:::::::* cpe:2.3:h:juniper:srx300:-:::::::* cpe:2.3:h:juniper:srx320:-:::::::* cpe:2.3:h:juniper:srx340:-:::::::* cpe:2.3:h:juniper:srx3400:-:::::::* cpe:2.3:h:juniper:srx345:-:::::::* cpe:2.3:h:juniper:srx3600:-:::::::* cpe:2.3:h:juniper:srx380:-:::::::* cpe:2.3:h:juniper:srx4000:-:::::::* cpe:2.3:h:juniper:srx4100:-:::::::* cpe:2.3:h:juniper:srx4200:-:::::::* cpe:2.3:h:juniper:srx4600:-:::::::* cpe:2.3:h:juniper:srx5000:-:::::::* cpe:2.3:h:juniper:srx5400:-:::::::* cpe:2.3:h:juniper:srx550:-:::::::* cpe:2.3:h:juniper:srx550_hm:-:::::::* cpe:2.3:h:juniper:srx550m:-:::::::* cpe:2.3:h:juniper:srx5600:-:::::::* cpe:2.3:h:juniper:srx5800:-:::::::* cpe:2.3:h:juniper:srx650:-:::::::* OR cpe:2.3:o:juniper:junos:21.2:-::::::* cpe:2.3:o:juniper:junos:21.2:r1::::::* cpe:2.3:o:juniper:junos:21.2:r1-s1::::::* cpe:2.3:o:juniper:junos:21.2:r1-s2::::::* cpe:2.3:o:juniper:junos:21.2:r2::::::* cpe:2.3:o:juniper:junos:21.2:r2-s1::::::* cpe:2.3:o:juniper:junos:21.2:r2-s2::::::* cpe:2.3:o:juniper:junos:21.2:r3::::::* cpe:2.3:o:juniper:junos:21.2:r3-s1::::::* cpe:2.3:o:juniper:junos:21.2:r3-s2::::::* cpe:2.3:o:juniper:junos:21.2:r3-s3::::::* cpe:2.3:o:juniper:junos:21.2:r3-s4::::::* cpe:2.3:o:juniper:junos:21.2:r3-s5::::::* cpe:2.3:o:juniper:junos:21.2:r3-s6::::::* cpe:2.3:o:juniper:junos:21.2:r3-s7::::::* cpe:2.3:o:juniper:junos:21.4:-::::::* cpe:2.3:o:juniper:junos:21.4:r1::::::* cpe:2.3:o:juniper:junos:21.4:r1-s1::::::* cpe:2.3:o:juniper:junos:21.4:r1-s2::::::* cpe:2.3:o:juniper:junos:21.4:r2::::::* cpe:2.3:o:juniper:junos:21.4:r2-s1::::::* cpe:2.3:o:juniper:junos:21.4:r2-s2::::::* cpe:2.3:o:juniper:junos:21.4:r3::::::* cpe:2.3:o:juniper:junos:21.4:r3-s1::::::* cpe:2.3:o:juniper:junos:21.4:r3-s2::::::* cpe:2.3:o:juniper:junos:21.4:r3-s3::::::* cpe:2.3:o:juniper:junos:21.4:r3-s4::::::* cpe:2.3:o:juniper:junos:21.4:r3-s5::::::* cpe:2.3:o:juniper:junos:22.1:r1::::::* cpe:2.3:o:juniper:junos:22.1:r1-s1::::::* cpe:2.3:o:juniper:junos:22.1:r1-s2::::::* cpe:2.3:o:juniper:junos:22.1:r2::::::* cpe:2.3:o:juniper:junos:22.1:r2-s1::::::* cpe:2.3:o:juniper:junos:22.1:r2-s2::::::* cpe:2.3:o:juniper:junos:22.1:r3::::::* cpe:2.3:o:juniper:junos:22.1:r3-s1::::::* cpe:2.3:o:juniper:junos:22.1:r3-s2::::::* cpe:2.3:o:juniper:junos:22.1:r3-s3::::::* cpe:2.3:o:juniper:junos:22.1:r3-s4::::::* cpe:2.3:o:juniper:junos:22.2:r1::::::* cpe:2.3:o:juniper:junos:22.2:r1-s1::::::* cpe:2.3:o:juniper:junos:22.2:r1-s2::::::* cpe:2.3:o:juniper:junos:22.2:r2::::::* cpe:2.3:o:juniper:junos:22.2:r2-s1::::::* cpe:2.3:o:juniper:junos:22.2:r2-s2::::::* cpe:2.3:o:juniper:junos:22.2:r3::::::* cpe:2.3:o:juniper:junos:22.2:r3-s1::::::* cpe:2.3:o:juniper:junos:22.2:r3-s2::::::* cpe:2.3:o:juniper:junos:22.3:r1::::::* cpe:2.3:o:juniper:junos:22.3:r1-s1::::::* cpe:2.3:o:juniper:junos:22.3:r1-s2::::::* cpe:2.3:o:juniper:junos:22.3:r2::::::* cpe:2.3:o:juniper:junos:22.3:r2-s1::::::* cpe:2.3:o:juniper:junos:22.3:r3::::::* cpe:2.3:o:juniper:junos:22.3:r3-s1::::::* cpe:2.3:o:juniper:junos:22.4:r1::::::* cpe:2.3:o:juniper:junos:22.4:r1-s1::::::* cpe:2.3:o:juniper:junos:22.4:r1-s2::::::* cpe:2.3:o:juniper:junos:22.4:r2::::::* cpe:2.3:o:juniper:junos:22.4:r2-s1::::::* cpe:2.3:o:juniper:junos:23.2:r1::::::* cpe:2.3:o:juniper:junos:23.2:r1-s1::::::*

CVE Modified by [email protected]

May. 14, 2024

Action	Type	Old Value	New Value

CVE Modified by [email protected]

Jan. 25, 2024

Action	Type	Old Value	New Value
Changed	Description	A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to webauth_operation.php that doesn't require authentication, an attacker is able to upload arbitrary files via J-Web, leading to a loss of integrity for a certain part of the file system, which may allow chaining to other vulnerabilities. This issue affects Juniper Networks Junos OS on SRX Series: * 22.4 versions prior to 22,4R2-S2, 22.4R3; * 23.2 versions prior to 23.2R2.	A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to webauth_operation.php that doesn't require authentication, an attacker is able to upload and download arbitrary files via J-Web, leading to a loss of integrity or confidentiality, which may allow chaining to other vulnerabilities. This issue affects Juniper Networks Junos OS on SRX Series: * 21.2 versions prior to 21.2R3-S8; * 21.4 versions prior to 21.4R3-S6; * 22.1 versions prior to 22.1R3-S5; * 22.2 versions prior to 22.2R3-S3; * 22.3 versions prior to 22.3R3-S2; * 22.4 versions prior to 22,4R2-S2, 22.4R3; * 23.2 versions prior to 23.2R1-S2, 23.2R2.

Initial Analysis by [email protected]

Sep. 28, 2023

Action	Type	Old Value	New Value
Added	CVSS V3.1		NIST AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Changed	Reference Type	https://supportportal.juniper.net/JSA72300 No Types Assigned	https://supportportal.juniper.net/JSA72300 Mitigation, Vendor Advisory
Added	CWE		NIST CWE-306
Added	CPE Configuration		AND OR cpe:2.3:o:juniper:junos::::::::* versions up to (excluding) 20.4 cpe:2.3:o:juniper:junos:20.4:-::::::* cpe:2.3:o:juniper:junos:20.4:r1::::::* cpe:2.3:o:juniper:junos:20.4:r1-s1::::::* cpe:2.3:o:juniper:junos:20.4:r2::::::* cpe:2.3:o:juniper:junos:20.4:r2-s1::::::* cpe:2.3:o:juniper:junos:20.4:r2-s2::::::* cpe:2.3:o:juniper:junos:20.4:r3::::::* cpe:2.3:o:juniper:junos:20.4:r3-s1::::::* cpe:2.3:o:juniper:junos:20.4:r3-s2::::::* cpe:2.3:o:juniper:junos:20.4:r3-s3::::::* cpe:2.3:o:juniper:junos:20.4:r3-s4::::::* cpe:2.3:o:juniper:junos:20.4:r3-s5::::::* cpe:2.3:o:juniper:junos:20.4:r3-s6::::::* cpe:2.3:o:juniper:junos:20.4:r3-s7::::::* cpe:2.3:o:juniper:junos:20.4:r3-s8::::::* cpe:2.3:o:juniper:junos:21.1:r1::::::* cpe:2.3:o:juniper:junos:21.1:r1-s1::::::* cpe:2.3:o:juniper:junos:21.1:r2::::::* cpe:2.3:o:juniper:junos:21.1:r2-s1::::::* cpe:2.3:o:juniper:junos:21.1:r2-s2::::::* cpe:2.3:o:juniper:junos:21.1:r3::::::* cpe:2.3:o:juniper:junos:21.1:r3-s1::::::* cpe:2.3:o:juniper:junos:21.1:r3-s2::::::* cpe:2.3:o:juniper:junos:21.1:r3-s3::::::* cpe:2.3:o:juniper:junos:21.1:r3-s4::::::* cpe:2.3:o:juniper:junos:21.1:r3-s5::::::* cpe:2.3:o:juniper:junos:21.2:-::::::* cpe:2.3:o:juniper:junos:21.2:r1::::::* cpe:2.3:o:juniper:junos:21.2:r1-s1::::::* cpe:2.3:o:juniper:junos:21.2:r1-s2::::::* cpe:2.3:o:juniper:junos:21.2:r2::::::* cpe:2.3:o:juniper:junos:21.2:r2-s1::::::* cpe:2.3:o:juniper:junos:21.2:r2-s2::::::* cpe:2.3:o:juniper:junos:21.2:r3::::::* cpe:2.3:o:juniper:junos:21.2:r3-s1::::::* cpe:2.3:o:juniper:junos:21.2:r3-s2::::::* cpe:2.3:o:juniper:junos:21.2:r3-s3::::::* cpe:2.3:o:juniper:junos:21.2:r3-s4::::::* cpe:2.3:o:juniper:junos:21.2:r3-s5::::::* cpe:2.3:o:juniper:junos:21.2:r3-s6::::::* cpe:2.3:o:juniper:junos:21.3:-::::::* cpe:2.3:o:juniper:junos:21.3:r1::::::* cpe:2.3:o:juniper:junos:21.3:r1-s1::::::* cpe:2.3:o:juniper:junos:21.3:r1-s2::::::* cpe:2.3:o:juniper:junos:21.3:r2::::::* cpe:2.3:o:juniper:junos:21.3:r2-s1::::::* cpe:2.3:o:juniper:junos:21.3:r2-s2::::::* cpe:2.3:o:juniper:junos:21.3:r3::::::* cpe:2.3:o:juniper:junos:21.3:r3-s1::::::* cpe:2.3:o:juniper:junos:21.3:r3-s2::::::* cpe:2.3:o:juniper:junos:21.3:r3-s3::::::* cpe:2.3:o:juniper:junos:21.3:r3-s4::::::* cpe:2.3:o:juniper:junos:21.4:-::::::* cpe:2.3:o:juniper:junos:21.4:r1::::::* cpe:2.3:o:juniper:junos:21.4:r1-s1::::::* cpe:2.3:o:juniper:junos:21.4:r1-s2::::::* cpe:2.3:o:juniper:junos:21.4:r2::::::* cpe:2.3:o:juniper:junos:21.4:r2-s1::::::* cpe:2.3:o:juniper:junos:21.4:r2-s2::::::* cpe:2.3:o:juniper:junos:21.4:r3::::::* cpe:2.3:o:juniper:junos:21.4:r3-s1::::::* cpe:2.3:o:juniper:junos:21.4:r3-s2::::::* cpe:2.3:o:juniper:junos:21.4:r3-s3::::::* cpe:2.3:o:juniper:junos:21.4:r3-s4::::::* cpe:2.3:o:juniper:junos:22.1:r1::::::* cpe:2.3:o:juniper:junos:22.1:r1-s1::::::* cpe:2.3:o:juniper:junos:22.1:r1-s2::::::* cpe:2.3:o:juniper:junos:22.1:r2::::::* cpe:2.3:o:juniper:junos:22.1:r2-s1::::::* cpe:2.3:o:juniper:junos:22.1:r2-s2::::::* cpe:2.3:o:juniper:junos:22.1:r3::::::* cpe:2.3:o:juniper:junos:22.1:r3-s1::::::* cpe:2.3:o:juniper:junos:22.1:r3-s2::::::* cpe:2.3:o:juniper:junos:22.1:r3-s3::::::* cpe:2.3:o:juniper:junos:22.2:r1::::::* cpe:2.3:o:juniper:junos:22.2:r1-s1::::::* cpe:2.3:o:juniper:junos:22.2:r1-s2::::::* cpe:2.3:o:juniper:junos:22.2:r2::::::* cpe:2.3:o:juniper:junos:22.2:r2-s1::::::* cpe:2.3:o:juniper:junos:22.2:r2-s2::::::* cpe:2.3:o:juniper:junos:22.2:r3::::::* cpe:2.3:o:juniper:junos:22.2:r3-s1::::::* cpe:2.3:o:juniper:junos:22.3:r1::::::* cpe:2.3:o:juniper:junos:22.3:r1-s1::::::* cpe:2.3:o:juniper:junos:22.3:r1-s2::::::* cpe:2.3:o:juniper:junos:22.3:r2::::::* cpe:2.3:o:juniper:junos:22.3:r2-s1::::::* cpe:2.3:o:juniper:junos:22.4:r1::::::* cpe:2.3:o:juniper:junos:22.4:r1-s1::::::* cpe:2.3:o:juniper:junos:22.4:r1-s2::::::* cpe:2.3:o:juniper:junos:22.4:r2::::::* cpe:2.3:o:juniper:junos:23.2:r1::::::* OR cpe:2.3:h:juniper:ex2200:-:::::::* cpe:2.3:h:juniper:ex2200-c:-:::::::* cpe:2.3:h:juniper:ex2200-vc:-:::::::* cpe:2.3:h:juniper:ex2300:-:::::::* cpe:2.3:h:juniper:ex2300-24mp:-:::::::* cpe:2.3:h:juniper:ex2300-24p:-:::::::* cpe:2.3:h:juniper:ex2300-24t:-:::::::* cpe:2.3:h:juniper:ex2300-48mp:-:::::::* cpe:2.3:h:juniper:ex2300-48p:-:::::::* cpe:2.3:h:juniper:ex2300-48t:-:::::::* cpe:2.3:h:juniper:ex2300-c:-:::::::* cpe:2.3:h:juniper:ex2300m:-:::::::* cpe:2.3:h:juniper:ex3200:-:::::::* cpe:2.3:h:juniper:ex3300:-:::::::* cpe:2.3:h:juniper:ex3300-vc:-:::::::* cpe:2.3:h:juniper:ex3400:-:::::::* cpe:2.3:h:juniper:ex4200:-:::::::* cpe:2.3:h:juniper:ex4200-vc:-:::::::* cpe:2.3:h:juniper:ex4300:-:::::::* cpe:2.3:h:juniper:ex4300-24p:-:::::::* cpe:2.3:h:juniper:ex4300-24p-s:-:::::::* cpe:2.3:h:juniper:ex4300-24t:-:::::::* cpe:2.3:h:juniper:ex4300-24t-s:-:::::::* cpe:2.3:h:juniper:ex4300-32f:-:::::::* cpe:2.3:h:juniper:ex4300-32f-dc:-:::::::* cpe:2.3:h:juniper:ex4300-32f-s:-:::::::* cpe:2.3:h:juniper:ex4300-48mp:-:::::::* cpe:2.3:h:juniper:ex4300-48mp-s:-:::::::* cpe:2.3:h:juniper:ex4300-48p:-:::::::* cpe:2.3:h:juniper:ex4300-48p-s:-:::::::* cpe:2.3:h:juniper:ex4300-48t:-:::::::* cpe:2.3:h:juniper:ex4300-48t-afi:-:::::::* cpe:2.3:h:juniper:ex4300-48t-dc:-:::::::* cpe:2.3:h:juniper:ex4300-48t-dc-afi:-:::::::* cpe:2.3:h:juniper:ex4300-48t-s:-:::::::* cpe:2.3:h:juniper:ex4300-48tafi:-:::::::* cpe:2.3:h:juniper:ex4300-48tdc:-:::::::* cpe:2.3:h:juniper:ex4300-48tdc-afi:-:::::::* cpe:2.3:h:juniper:ex4300-mp:-:::::::* cpe:2.3:h:juniper:ex4300-vc:-:::::::* cpe:2.3:h:juniper:ex4300m:-:::::::* cpe:2.3:h:juniper:ex4400:-:::::::* cpe:2.3:h:juniper:ex4500:-:::::::* cpe:2.3:h:juniper:ex4500-vc:-:::::::* cpe:2.3:h:juniper:ex4550:-:::::::* cpe:2.3:h:juniper:ex4550-vc:-:::::::* cpe:2.3:h:juniper:ex4550\/vc:-:::::::* cpe:2.3:h:juniper:ex4600:-:::::::* cpe:2.3:h:juniper:ex4600-vc:-:::::::* cpe:2.3:h:juniper:ex4650:-:::::::* cpe:2.3:h:juniper:ex6200:-:::::::* cpe:2.3:h:juniper:ex6210:-:::::::* cpe:2.3:h:juniper:ex8200:-:::::::* cpe:2.3:h:juniper:ex8200-vc:-:::::::* cpe:2.3:h:juniper:ex8208:-:::::::* cpe:2.3:h:juniper:ex8216:-:::::::* cpe:2.3:h:juniper:ex9200:-:::::::* cpe:2.3:h:juniper:ex9204:-:::::::* cpe:2.3:h:juniper:ex9208:-:::::::* cpe:2.3:h:juniper:ex9214:-:::::::* cpe:2.3:h:juniper:ex9250:-:::::::* cpe:2.3:h:juniper:ex9251:-:::::::* cpe:2.3:h:juniper:ex9253:-:::::::* cpe:2.3:h:juniper:srx100:-:::::::* cpe:2.3:h:juniper:srx110:-:::::::* cpe:2.3:h:juniper:srx1400:-:::::::* cpe:2.3:h:juniper:srx1500:-:::::::* cpe:2.3:h:juniper:srx210:-:::::::* cpe:2.3:h:juniper:srx220:-:::::::* cpe:2.3:h:juniper:srx240:-:::::::* cpe:2.3:h:juniper:srx240h2:-:::::::* cpe:2.3:h:juniper:srx240m:-:::::::* cpe:2.3:h:juniper:srx300:-:::::::* cpe:2.3:h:juniper:srx320:-:::::::* cpe:2.3:h:juniper:srx340:-:::::::* cpe:2.3:h:juniper:srx3400:-:::::::* cpe:2.3:h:juniper:srx345:-:::::::* cpe:2.3:h:juniper:srx3600:-:::::::* cpe:2.3:h:juniper:srx380:-:::::::* cpe:2.3:h:juniper:srx4000:-:::::::* cpe:2.3:h:juniper:srx4100:-:::::::* cpe:2.3:h:juniper:srx4200:-:::::::* cpe:2.3:h:juniper:srx4600:-:::::::* cpe:2.3:h:juniper:srx5000:-:::::::* cpe:2.3:h:juniper:srx5400:-:::::::* cpe:2.3:h:juniper:srx550:-:::::::* cpe:2.3:h:juniper:srx550_hm:-:::::::* cpe:2.3:h:juniper:srx550m:-:::::::* cpe:2.3:h:juniper:srx5600:-:::::::* cpe:2.3:h:juniper:srx5800:-:::::::* cpe:2.3:h:juniper:srx650:-:::::::*

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.

CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2023-36851 is associated with the following CWEs:

CWE-306: Missing Authentication for Critical Function

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2023-36851 weaknesses.

CAPEC-12: Choosing Message Identifier Choosing Message Identifier CAPEC-36: Using Unpublished Interfaces or Functionality Using Unpublished Interfaces or Functionality CAPEC-62: Cross Site Request Forgery Cross Site Request Forgery CAPEC-166: Force the System to Reset Values Force the System to Reset Values CAPEC-216: Communication Channel Manipulation Communication Channel Manipulation

CVE-2023-36851

Juniper Junos OS SRX Series Missing Authentication - [Actively Exploited]

Description

INFO

Sept. 27, 2023, 3:18 p.m.

June 26, 2024, 8:17 p.m.

[email protected]

Yes !

1.4

3.9

CISA KEV (Known Exploited Vulnerabilities)

Public PoC/Exploit Available at Github

Affected Products

References to Advisories, Solutions, and Tools

Ostorlab/KEV

Modified Analysis by [email protected]

CVE Modified by [email protected]

CVE Modified by [email protected]

Initial Analysis by [email protected]

CWE - Common Weakness Enumeration

Common Attack Pattern Enumeration and Classification (CAPEC)

Exploit Prediction

1.11 }} 0.30%

0.84941

CVSS31 - Vulnerability Scoring System

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable