Due to a Missing Authorization weakness and Insufficient Granularity of Access Control in a specific device configuration, a vulnerability exists in Juniper Networks Junos OS on SRX Series whereby an attacker who attempts to access J-Web administrative interfaces can successfully do so from any device interface regardless of the web-management configuration and filter rules which may otherwise protect access to J-Web. This issue affects: Juniper Networks Junos OS SRX Series 20.4 version 20.4R1 and later versions prior to 20.4R2-S1, 20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2. This issue does not affect Juniper Networks Junos OS versions prior to 20.4R1.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:NJuniper Junos
OSJuniper20.421.1Juniper Srx1500
HWJuniperwszystkie wersjeJuniper Srx300
HWJuniperwszystkie wersjeJuniper Srx4100
HWJuniperwszystkie wersjeJuniper Srx4200
HWJuniperwszystkie wersjeJuniper Srx4600
HWJuniperwszystkie wersjeJuniper Srx5400
HWJuniperwszystkie wersjeJuniper Srx550
HWJuniperwszystkie wersjeJuniper Srx5600
HWJuniperwszystkie wersjeJuniper Srx5800
HWJuniperwszystkie wersje
Powiązane podatności
A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series and SR...
Out-of-bounds Write w J-Web Juniper Junos OS — RCE z uprawnieniami root
This issue is not applicable to NFX NextGen Software. On NFX Series devices the use of Hard-coded Credentials ...
A buffer size validation vulnerability in the overlayd service of Juniper Networks Junos OS may allow an unaut...
An improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS Evolved Rout...