A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity.

With a specific request to

webauth_operation.php

that doesn’t require authentication, an attacker is able to upload arbitrary files via J-Web, leading to a loss of

integrity

for a certain part of the file system, which may allow chaining to other vulnerabilities.

This issue affects Juniper Networks Junos OS on SRX Series:

* 22.4 versions prior to 22,4R2-S2, 22.4R3;
* 23.2 versions prior to 23.2R2.

Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku

Kaynak: National Vulnerability Database