⚠ Actively exploited
Added to CISA KEV on 2023-11-13. Federal agencies required to patch by 2023-11-17. Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable..

CVE-2023-36851Missing Authentication for Critical Function in Networks Junos OS

CWE-306Missing Authentication for Critical Function8 documents7 sources
Severity
5.3MEDIUMNVD
EPSS
15.3%
top 5.36%
CISA KEV
KEV
Added 2023-11-13
Due 2023-11-17
Exploit
Exploited in wild
Active exploitation observed
Affected products
2
Juniper Networks Junos OSJuniper Junos
Timeline
PublishedSep 27
KEV addedNov 13
KEV dueNov 17
CISA Required Action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Description

A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to webauth_operation.php that doesn't require authentication, an attacker is able to upload and download arbitrary files via J-Web, leading to a loss of integrity or confidentiality, which may allow chaining to other vulnerabilities. This issue affects Juniper

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

CVEListV5juniper_networks/junos_os21.221.2R3-S8+6
NVDjuniper/junos7 versions+6

🔴Vulnerability Details

3
GHSA
GHSA-792v-3cgw-26xq: A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attac2023-09-27
CVEList
Junos OS: SRX Series: A vulnerability in J-Web allows an unauthenticated attacker to upload and download arbitrary files2023-09-26
VulnCheck
Juniper Junos OS SRX Series Missing Authentication for Critical Function Vulnerability2023

🔍Detection Rules

2
Suricata
ET EXPLOIT Junos OS - Successful Unauthenticated Arbitrary File Upload Attempt (CVE-2023-36851)2023-09-01
Suricata
ET EXPLOIT Junos OS - Unauthenticated Arbitrary File Upload Attempt (CVE-2023-36851)2023-09-01

📋Vendor Advisories

2
CISA
Juniper Junos OS SRX Series Missing Authentication for Critical Function Vulnerability2023-11-13
Juniper
CVE-2023-36851: A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attac2023-09-27
CVE-2023-36851 — Networks Junos OS vulnerability | cvebase