Two security flaws discovered in Juniper Networks devices

Target Industry

Indiscriminate, opportunistic targeting.

Overview

Juniper Networks has disclosed details of two security flaws affecting its SRX and EX Series devices:

  • CVE-2023-36845 (CVSSv3 score: 5.3): A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series and SRX Series.
  • CVE-2023-36846 (CVSSv3 score: 5.3): A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Series.

Impact

Successful exploitation of CVE-2023-36845 and CVE-2023-36846 together allows an unauthenticated threat actor to impact file system integrity and achieve remote code execution (RCE).

Successful exploitation of CVE-2023-36845 alone allows unauthenticated threat actors to control important environment variables and display sensitive data. This also allows for RCE.

Vulnerability Detection

Juniper Networks has released a security update for the affected product versions. Devices running the previous versions are therefore vulnerable to potential exploitation.

Affected Products

CVE-2023-36845 and CVE-2023-36846 affect Juniper Networks Junos OS on the SRX Series and EX Series versions listed below:

  • All versions prior to 20.4R3-S8
  • 21.1 version 21.1R1 and later versions
  • 21.2 versions prior to 21.2R3-S6
  • 21.3 versions prior to 21.3R3-S5
  • 21.4 versions prior to 21.4R3-S5
  • 22.1 versions prior to 22.1R3-S3
  • 22.2 versions prior to 22.2R3-S2
  • 22.3 versions prior to 22.3R2-S2, 22.3R3
  • 22.4 versions prior to 22.4R2-S1, 22.4R3.
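The following is an added example, not part of the original bulletin or Juniper's advisory, that checks Junos OS version strings (as reported by `show version`) against the list above. The function names, the inventory hostnames and the `not-listed` result for release trains newer than 22.4 are assumptions made here; the device model (SRX or EX) is not checked.

```python
import re

# First fixed release per train, taken from the affected-versions list above:
# (major, minor) -> (R number, S number).
FIXED = {
    (20, 4): (3, 8),
    (21, 2): (3, 6),
    (21, 3): (3, 5),
    (21, 4): (3, 5),
    (22, 1): (3, 3),
    (22, 2): (3, 2),
    (22, 3): (2, 2),  # 22.3R3 is also fixed; it sorts above R2-S2
    (22, 4): (2, 1),  # 22.4R3 is also fixed; it sorts above R2-S1
}
ALL_AFFECTED = {(21, 1)}  # "21.1R1 and later": no fixed release is listed

# Matches e.g. 20.4R3-S8, 21.2R3-S6.11, 22.3R3; older formats such as
# 15.1X49-D170 match on the train only, which is enough for "prior to 20.4".
_VERSION = re.compile(r"^(\d+)\.(\d+)(?:R(\d+))?(?:-S(\d+))?")

def classify(version):
    """Return 'affected', 'fixed' or 'not-listed' for a Junos version string."""
    m = _VERSION.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised Junos version: {version!r}")
    train = (int(m[1]), int(m[2]))
    release = (int(m[3] or 0), int(m[4] or 0))
    if train < (20, 4) or train in ALL_AFFECTED:
        return "affected"
    if train not in FIXED:
        return "not-listed"  # assumption: trains absent from the list
    return "affected" if release < FIXED[train] else "fixed"

# Constructed sample inventory (hostnames and versions are made up).
SAMPLE_INVENTORY = {
    "srx-edge-01": "20.4R3-S7.2",
    "srx-branch-02": "22.3R3",
    "ex-access-03": "21.1R3-S5",
    "ex-core-04": "22.4R2-S1",
    "srx-lab-05": "23.2R1",
}

def needs_patch(inventory):
    """Hosts whose version falls in the affected ranges, sorted by name."""
    return sorted(h for h, v in inventory.items() if classify(v) == "affected")

if __name__ == "__main__":
    for host, ver in SAMPLE_INVENTORY.items():
        print(f"{host:15} {ver:14} {classify(ver)}")
```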

Containment, Mitigations & Remediations

It is highly recommended that all organisations apply the relevant security patches as soon as possible. If these patches cannot be applied immediately, organisations are advised to disable J-Web or limit access to trusted hosts only.

More information can be found in the Juniper Networks Advisory.

Indicators of Compromise

There are no specific Indicators of Compromise (IoCs) available currently.

Threat Landscape

Juniper Networks is a multinational corporation that develops and sells networking products that many clients use across the world. A few notable exploits have been disclosed by Juniper Networks recently and, as some products are still unpatched, many could become prime targets for threat actors. This could lead to unpatched products being exploited in an attempt to view and exfiltrate sensitive data.

Threat Group

No attribution to specific threat actors or groups has been identified at the time of writing.

MITRE Methodologies

Common Weakness Enumeration (CWE):

CWE-473 – PHP External Variable Modification

CWE-306 – Missing Authentication for Critical Function

 
