Juniper Networks Junos OS SRX Series: Incorrect Authorization Exposes the J-Web Interface on Unintended Interfaces

Vulnerability

An incorrect authorization vulnerability in the web server of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to reach the Juniper Web Device Manager (J-Web) interface over interfaces on which it was not configured to be reachable. The exposure occurs when Juniper Secure Connect (JSC) is enabled on specific interfaces, or when J-Web is configured on multiple interfaces. Affected Junos OS releases on SRX Series are all versions before 21.4R3-S9; 22.2 versions before 22.2R3-S5; 22.4 versions before 22.4R3-S5; 23.2 versions before 23.2R2-S3; 23.4 versions before 23.4R2-S5; and 24.2 versions before 24.2R2.

Impact

Exploitation makes the J-Web management interface reachable on interfaces where it was not meant to be exposed, such as untrusted or Internet-facing interfaces. The vulnerability itself is an exposure, not a credential bypass: it widens the attack surface by letting an attacker reach the J-Web login and web server at all, which can be a stepping stone to unauthorized management or configuration changes through credential guessing, stolen credentials, or other weaknesses in J-Web.

Remediation

Update to Junos OS 21.4R3-S9, 22.2R3-S5, 22.4R3-S5, 23.2R2-S3, 23.4R2-S5, 24.2R2, 24.4R1, or any subsequent release. Until the upgrade is done, reduce exposure by applying a firewall filter on every ingress interface on which J-Web is not meant to be reachable, so that traffic to the device's own addresses on the J-Web ports is discarded, or confirm that the security zone settings (host-inbound-traffic) and policies governing those interfaces do not permit such connections.
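
The following is an added example, not configuration from the Juniper advisory or from this page, of the firewall-filter workaround described above. It drops TCP connections to the device's own address on the HTTP/HTTPS ports arriving on an interface where J-Web must not be reachable, while leaving transit traffic alone. The interface name ge-0/0/0, the address 203.0.113.1/32, and the filter, term, counter and prefix-list names are placeholders to adapt to your device.

```junos
## Added example (hypothetical names and addresses): block J-Web on an
## ingress interface where it must not be reachable.

## The SRX's own address on the interface in question (placeholder).
set policy-options prefix-list LOCAL-ADDRESSES 203.0.113.1/32

## Term 1: discard TCP to the local address on the J-Web ports and log it.
## Matching the destination against the device's own address keeps
## HTTP/HTTPS transit traffic through the SRX unaffected.
set firewall family inet filter BLOCK-JWEB-INGRESS term deny-jweb from destination-prefix-list LOCAL-ADDRESSES
set firewall family inet filter BLOCK-JWEB-INGRESS term deny-jweb from protocol tcp
set firewall family inet filter BLOCK-JWEB-INGRESS term deny-jweb from destination-port [ http https ]
set firewall family inet filter BLOCK-JWEB-INGRESS term deny-jweb then count jweb-blocked
set firewall family inet filter BLOCK-JWEB-INGRESS term deny-jweb then log
set firewall family inet filter BLOCK-JWEB-INGRESS term deny-jweb then discard

## Term 2: accept everything else (a Junos filter ends with an implicit discard).
set firewall family inet filter BLOCK-JWEB-INGRESS term allow-rest then accept

## Apply the filter inbound on the interface that must not expose J-Web (placeholder).
set interfaces ge-0/0/0 unit 0 family inet filter input BLOCK-JWEB-INGRESS
```

Two practical notes. If J-Web is configured on a non-default port under system services web-management, add that port to the destination-port match. If JSC is enabled on the same interface, the HTTPS listener is also what JSC clients use to retrieve their configuration, so discarding port 443 outright disrupts the VPN; in that case narrow the deny term with a source-address match so that only unexpected sources are dropped. After committing, `show firewall filter BLOCK-JWEB-INGRESS` shows the jweb-blocked counter incrementing when connections are being discarded.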

Added: Jul 11, 2025, 4:21 PM
Updated: Jul 11, 2025, 4:21 PM

Vulnerability Rating

Custom Algorithm

spread          6.8
impact          0.0
exploitability  7.0
remediation     7.9
relevance       0.2
threat          0.0
urgency         2.9
incentive       5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.