CVE-2023-36845 — CRITICAL (9.8)

Q: How severe is CVE-2023-36845?

CVE-2023-36845 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Q: Is there a patch for CVE-2023-36845?

Check the references section above for vendor advisories and patch information. Affected products include: Juniper Junos, Juniper Srx100, Juniper Srx110, Juniper Srx1400, Juniper Srx1500.

Vulnerability Description

A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series and SRX Series allows an unauthenticated, network-based attacker to remotely execute code. Using a crafted request which sets the variable PHPRC an attacker is able to modify the PHP execution environment allowing the injection und execution of code. This issue affects Juniper Networks Junos OS on EX Series and SRX Series: * All versions prior to 20.4R3-S9; * 21.1 versions 21.1R1 and later; * 21.2 versions prior to 21.2R3-S7; * 21.3 versions prior to 21.3R3-S5; * 21.4 versions prior to 21.4R3-S5; * 22.1 versions prior to 22.1R3-S4; * 22.2 versions prior to 22.2R3-S2; * 22.3 versions prior to 22.3R2-S2, 22.3R3-S1; * 22.4 versions prior to 22.4R2-S1, 22.4R3; * 23.2 versions prior to 23.2R1-S1, 23.2R2.

CVSS Score

9.8

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Juniper	Junos	< 20.4
Juniper	Srx100	-
Juniper	Srx110	-
Juniper	Srx1400	-
Juniper	Srx1500	-
Juniper	Srx210	-
Juniper	Srx220	-
Juniper	Srx240	-
Juniper	Srx240H2	-
Juniper	Srx240M	-
Juniper	Srx300	-
Juniper	Srx320	-
Juniper	Srx340	-
Juniper	Srx3400	-
Juniper	Srx345	-
Juniper	Srx3600	-
Juniper	Srx380	-
Juniper	Srx4000	-
Juniper	Srx4100	-
Juniper	Srx4200	-

Related Weaknesses (CWE)

CWE-473

References

http://packetstormsecurity.com/files/174865/Juniper-SRX-Firewall-EX-Switch-RemotExploitThird Party AdvisoryVDB Entry
http://packetstormsecurity.com/files/176969/Juniper-SRX-Firewall-EX-Switch-RemotExploitThird Party AdvisoryVDB Entry
https://supportportal.juniper.net/JSA72300Vendor Advisory
http://packetstormsecurity.com/files/174865/Juniper-SRX-Firewall-EX-Switch-RemotExploitThird Party AdvisoryVDB Entry
http://packetstormsecurity.com/files/176969/Juniper-SRX-Firewall-EX-Switch-RemotExploitThird Party AdvisoryVDB Entry
https://supportportal.juniper.net/JSA72300Vendor Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-US Government Resource

FAQ

What is CVE-2023-36845?

CVE-2023-36845 is a vulnerability with a CVSS score of 9.8 (CRITICAL). A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series and SRX Series allows an unauthenticated, network-based attacker to remotely execute code. Us...

How severe is CVE-2023-36845?

CVE-2023-36845 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2023-36845?

Check the references section above for vendor advisories and patch information. Affected products include: Juniper Junos, Juniper Srx100, Juniper Srx110, Juniper Srx1400, Juniper Srx1500.