Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.JUNOS_CVE-2023-36844.NBIN
HistoryDec 08, 2023 - 12:00 a.m.

Juniper Junos OS Pre-Auth RCE (JSA72300)

2023-12-0800:00:00
This script is Copyright (C) 2022-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
12
juniper os
remote code execution
security advisory

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

7 High

AI Score

Confidence

Low

0.714 High

EPSS

Percentile

98.1%

JSON

A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX and SRX Series allows an unauthenticated, network-based attacker to control certain, important environments variables. Utilizing a crafted request an attacker is able to modify certain PHP environments variables leading to partial loss of integrity, which may allow chaining to other vulnerabilities.

Binary data junos_cve-2023-36844.nbin
VendorProductVersionCPE
juniperjunoscpe:/o:juniper:junos

Related

githubexploit 3
prion 1
nvd 1
cve 1
cisa_kev 1
cvelist 1
zdt 1
packetstorm 1
attackerkb 2
metasploit 1
nuclei 2
thn 4
rapid7blog 1
nessus 1
avleonov 1
githubexploit
githubexploit
Exploit for PHP External Variable Modification in Juniper Junos
2023-08-25 07:28:06
Exploit for PHP External Variable Modification in Juniper Junos
2023-09-24 13:30:09
Exploit for PHP External Variable Modification in Juniper Junos
2023-09-20 02:32:56
prion
prion
Code injection
2023-08-17 20:15:00
nvd
nvd
CVE-2023-36844
2023-08-17 20:15:10
cve
cve
CVE-2023-36844
2023-08-17 20:15:10
cisa_kev
cisa_kev
Juniper Junos OS EX Series PHP External Variable Modification Vulnerability
2023-11-13 00:00:00
cvelist
cvelist
CVE-2023-36844 Junos OS: EX Series: A PHP vulnerability in J-Web allows an unauthenticated attacker to control important environment variables
2023-08-17 19:17:47
zdt
zdt
Juniper SRX Firewall / EX Switch Remote Code Execution Exploit
2023-10-02 00:00:00
packetstorm
packetstorm
Juniper SRX Firewall / EX Switch Remote Code Execution
2023-10-02 00:00:00
attackerkb
attackerkb
CVE-2023-36845
2023-08-17 00:00:00
CVE-2023-36844
2023-08-17 00:00:00
metasploit
metasploit
Junos OS PHPRC Environment Variable Manipulation RCE
2023-09-20 20:47:05
nuclei
nuclei
Juniper J-Web - Remote Code Execution
2023-09-19 01:54:05
Juniper Devices - Remote Code Execution
2023-08-26 07:36:41
thn
thn
New Juniper Junos OS Flaws Expose Devices to Remote Attacks - Patch Now
2023-08-19 07:38:00
Nearly 12,000 Juniper Firewalls Found Vulnerable to Recently Disclosed RCE Vulnerability
2023-09-19 09:30:00
CISA Sets a Deadline - Patch Juniper Junos OS Flaws Before November 17
2023-11-14 06:03:00
rapid7blog
rapid7blog
Exploitation of Juniper Networks SRX Series and EX Series Devices
2023-08-31 20:23:59
nessus
nessus
Juniper Junos OS Pre-Auth RCE (JSA72300)
2023-08-25 00:00:00
avleonov
avleonov
August 2023: GitHub PoCs, Vulristics, Qualys First-Party, Tenable ExposureAI, SC Awards and Rapid7, Anglo-Saxon list, MS Patch Tuesday, WinRAR, Juniper
2023-08-30 16:15:31

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

7 High

AI Score

Confidence

Low

0.714 High

EPSS

Percentile

98.1%

JSON
Related for JUNOS_CVE-2023-36844.NBIN
githubexploit3prion1nvd1cve1cisa_kev1cvelist1zdt1packetstorm1attackerkb2metasploit1nuclei2thn4rapid7blog1nessus1avleonov1