1. Home
  2. Mapping Frameworks
  3. Known Exploited Vulnerabilities Home
  4. Juniper Junos OS SRX Series Missing Authentication for Critical Function Vulnerability

Known Exploited Vulnerabilities CVE-2023-36846 Mappings

A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to user.php that doesn't require authentication an attacker is able to upload arbitrary files via J-Web, leading to a loss of integrity for a certain  part of the file system, which may allow chaining to other vulnerabilities. This issue affects Juniper Networks Junos OS on SRX Series: * All versions prior to 20.4R3-S8; * 21.1 versions 21.1R1 and later; * 21.2 versions prior to 21.2R3-S6; * 21.3 versions prior to 21.3R3-S5; * 21.4 versions prior to 21.4R3-S5; * 22.1 versions prior to 22.1R3-S3; * 22.2 versions prior to 22.2R3-S2; * 22.3 versions prior to 22.3R2-S2, 22.3R3; * 22.4 versions prior to 22.4R2-S1, 22.4R3.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name Notes
CVE-2023-36846 Juniper Junos OS SRX Series Missing Authentication for Critical Function Vulnerability primary_impact T1059 Command and Scripting Interpreter
Comments
This vulnerability is exploited through a Missing Authentication for Critical Function weakness. Attackers leverage this vulnerability to impact file system integrity by sending a crafted request to the `user.php` endpoint, which does not require authentication. This manipulation allows the upload of arbitrary files, enabling attackers to chain this vulnerability with others, potentially leading to unauthenticated remote code execution.
References
  1. https://www.greenbone.net/en/blog/tracking-news-juniper-junos-vulnerabilities/
CVE-2023-36846 Juniper Junos OS SRX Series Missing Authentication for Critical Function Vulnerability exploitation_technique T1190 Exploit Public-Facing Application
Comments
This vulnerability is exploited through a Missing Authentication for Critical Function weakness. Attackers leverage this vulnerability to impact file system integrity by sending a crafted request to the `user.php` endpoint, which does not require authentication. This manipulation allows the upload of arbitrary files, enabling attackers to chain this vulnerability with others, potentially leading to unauthenticated remote code execution.
References
  1. https://www.greenbone.net/en/blog/tracking-news-juniper-junos-vulnerabilities/