Networking {hardware} firm Juniper Networks has launched an “out-of-cycle” safety replace to handle a number of flaws within the J-Internet part of Junos OS that may very well be mixed to realize distant code execution on inclined installations.
The 4 vulnerabilities have a cumulative CVSS score of 9.8, making them Vital in severity. They have an effect on all variations of Junos OS on SRX and EX Collection.
“By chaining exploitation of those vulnerabilities, an unauthenticated, network-based attacker might be able to remotely execute code on the gadgets,” the corporate stated in an advisory launched on August 17, 2023.
The J-Internet interface permits customers to configure, handle, and monitor Junos OS gadgets. A quick description of the failings is as follows –
- CVE-2023-36844 and CVE-2023-36845 (CVSS scores: 5.3) – Two PHP exterior variable modification vulnerabilities in J-Internet of Juniper Networks Junos OS on EX Collection and SRX Collection permits an unauthenticated, network-based attacker to manage sure, essential environments variables.
- CVE-2023-36846 and CVE-2023-36847 (CVSS scores: 5.3) – Two lacking authentications for vital operate vulnerabilities in Juniper Networks Junos OS on EX Collection and SRX Collection enable an unauthenticated, network-based attacker to trigger restricted affect to the file system integrity.
A menace actor may ship a specifically crafted request to switch sure PHP atmosphere variables or add arbitrary recordsdata through J-Internet sans any authentication to efficiently exploit the aforementioned points.
The vulnerabilities have been addressed within the beneath variations –
- EX Collection – Junos OS variations 20.4R3-S8, 21.2R3-S6, 21.3R3-S5, 21.4R3-S4, 22.1R3-S3, 22.2R3-S1, 22.3R2-S2, 22.3R3, 22.4R2-S1, 22.4R3, and 23.2R1
- SRX Collection – Junos OS variations 20.4R3-S8, 21.2R3-S6, 21.3R3-S5, 21.4R3-S5, 22.1R3-S3, 22.2R3-S2, 22.3R2-S2, 22.3R3, 22.4R2-S1, 22.4R3, and 23.2R1
Customers are beneficial to use the required fixes to mitigate potential distant code execution threats. As a workaround, Juniper Networks is suggesting that customers both disable J-Internet or restrict entry to solely trusted hosts.