Get in Touch
Four security flaws discovered in Juniper Networks devices
Target Industry
Indiscriminate, opportunistic targeting.
Overview
Juniper Networks has disclosed details pertaining to the following four security flaws affecting their SRX and EX series devices:
- CVE-2023-36844 (CVSSv3 score: 5.3) – A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series
- CVE-2023-36845 (CVSSv3 score: 5.3) – A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series and SRX Series
- CVE-2023-36846 (CVSSv3 score: 5.3) – A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Series
- CVE-2023-36847 (CVSSv3 score: 5.3) – A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on EX Series.
Although the security flaws have received individual CVSS severity scores of 5.3, it should be noted that the Juniper Networks advisory has provided a combined critical-level security score of 9.8.
Furthermore, a Proof-of-Concept (PoC) code has been released that demonstrates how the vulnerabilities listed above can be chained to perform active exploitation.
Impact
- Successful exploitation of CVE-2023-36846 and CVE-2023-36847 allows an unauthenticated threat actor to impact the file system integrity.
- Successful exploitation of CVE-2023-36844 and CVE-2023-36845 allows an unauthenticated threat actor to control important environment variables.
Vulnerability Detection
Juniper Networks has released a security update for CVE-2023-34039 relating to the affected product versions. As such, previous versions are now vulnerable to potential exploitation.
Affected Products
CVE-2023-36845 and CVE-2023-36846 affect Juniper Networks Junos OS on the following versions of SRX Series:
- All versions prior to 20.4R3-S8
- 21.1 version 21.1R1 and later versions
- 21.2 versions prior to 21.2R3-S6
- 21.3 versions prior to 21.3R3-S5
- 21.4 versions prior to 21.4R3-S5
- 22.1 versions prior to 22.1R3-S3
- 22.2 versions prior to 22.2R3-S2
- 22.3 versions prior to 22.3R2-S2, 22.3R3
- 22.4 versions prior to 22.4R2-S1, 22.4R3.
CVE-2023-36844 and CVE-2023-36847 affect Juniper Networks Junos OS on the following versions of EX Series:
- All versions prior to 20.4R3-S8
- 21.1 version 21.1R1 and later versions
- 21.2 versions prior to 21.2R3-S6
- 21.3 versions prior to 21.3R3-S5
- 21.4 versions prior to 21.4R3-S4
- 22.1 versions prior to 22.1R3-S3
- 22.2 versions prior to 22.2R3-S1
- 22.3 versions prior to 22.3R2-S2, 22.3R3
- 22.4 versions prior to 22.4R2-S1, 22.4R3.
Containment, Mitigations & Remediations
It is strongly recommended that organisations apply the relevant security patches as soon as possible. In the event that the patches cannot be applied immediately, organisations are advised to disable J-Web or restrict access to only trusted hosts. Further details can be found within the Juniper Networks advisory.
Indicators of Compromise
No specific Indicators of Compromise (IoCs) are available currently.
Threat Landscape
Juniper Networks occupies a significant proportion of the network administration and management market share. Given that threat actors generally utilise a combination of probability and asset value to determine which attack surfaces to focus on, Juniper Networks products could emerge as a prime target for threat actors. Due to the fact that networking products have become an integral aspect of both personal and business operations, threat actors will continue to exploit vulnerabilities contained within the associated products in an attempt to extract sensitive data.
Threat Group
No attribution to specific threat actors or groups has been identified at the time of writing.
Mitre Methodologies
Common Weakness Enumeration (CWE):
Further Information
