github - ghsa-4r2w-j4p7-rw4p

ghsa-4r2w-j4p7-rw4p

Vulnerability from github

Published

2022-05-24 19:17

Modified

2022-10-25 19:00

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

The usage of an internal HTTP header created an authentication bypass vulnerability (CWE-287), allowing an attacker to view internal files, change settings, manipulate services and execute arbitrary code. This issue affects all Juniper Networks 128 Technology Session Smart Router versions prior to 4.5.11, and all versions of 5.0 up to and including 5.0.1.

Show details on source website

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2021-31349"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-287"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-10-19T19:15:00Z",
    "severity": "CRITICAL"
  },
  "details": "The usage of an internal HTTP header created an authentication bypass vulnerability (CWE-287), allowing an attacker to view internal files, change settings, manipulate services and execute arbitrary code. This issue affects all Juniper Networks 128 Technology Session Smart Router versions prior to 4.5.11, and all versions of 5.0 up to and including 5.0.1.",
  "id": "GHSA-4r2w-j4p7-rw4p",
  "modified": "2022-10-25T19:00:33Z",
  "published": "2022-05-24T19:17:55Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-31349"
    },
    {
      "type": "WEB",
      "url": "https://kb.juniper.net/JSA11256"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

cve-2021-31349

Vulnerability from cvelistv5

Published

2021-10-19 18:16

Modified

2024-09-16 23:10

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

Session Smart Router: Authentication Bypass Vulnerability

References

▼	URL	Tags
	https://kb.juniper.net/JSA11256	x_refsource_CONFIRM

Impacted products

▼	Vendor	Product
	Juniper Networks	128 Technology Session Smart Router

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T22:55:53.493Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kb.juniper.net/JSA11256"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "128 Technology Session Smart Router",
          "vendor": "Juniper Networks",
          "versions": [
            {
              "lessThan": "4.5.11",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "5.0.1",
              "status": "affected",
              "version": "5.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "128 Technology was notified via the JVN community of the vulnerability as JVN#85073657."
        }
      ],
      "datePublic": "2021-10-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The usage of an internal HTTP header created an authentication bypass vulnerability (CWE-287), allowing an attacker to view internal files, change settings, manipulate services and execute arbitrary code. This issue affects all Juniper Networks 128 Technology Session Smart Router versions prior to 4.5.11, and all versions of 5.0 up to and including 5.0.1."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-287",
              "description": "CWE-287 Improper Authentication",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-19T18:16:28",
        "orgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
        "shortName": "juniper"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kb.juniper.net/JSA11256"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "128 Technology has released software updates that address the vulnerability described in this advisory. \n\nFixed Releases:\nThe following 128T software patches have been released to resolve this specific issue: 4.5.11, 5.1.0, and all subsequent releases.\nCustomers who are running 5.0.0 or 5.0.1 should upgrade to 5.1.6 or later.\n\nInstructions for upgrading the 128T Networking Platform can be found at https://docs.128technology.com/docs/intro_upgrading ."
        }
      ],
      "source": {
        "advisory": "JSA11256",
        "defect": [
          "I95-41227"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "Session Smart Router: Authentication Bypass Vulnerability",
      "workarounds": [
        {
          "lang": "en",
          "value": "While no workarounds exist for this vulnerability, risk exposure can be mitigated. HTTP access to the SSR occurs on TCP port 443. It is recommended to install firewall rules to permit access only from trusted IP addresses."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "sirt@juniper.net",
          "DATE_PUBLIC": "2021-10-13T16:00:00.000Z",
          "ID": "CVE-2021-31349",
          "STATE": "PUBLIC",
          "TITLE": "Session Smart Router: Authentication Bypass Vulnerability"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "128 Technology Session Smart Router",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_value": "4.5.11"
                          },
                          {
                            "version_affected": "\u003c=",
                            "version_name": "5.0",
                            "version_value": "5.0.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Juniper Networks"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "128 Technology was notified via the JVN community of the vulnerability as JVN#85073657."
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The usage of an internal HTTP header created an authentication bypass vulnerability (CWE-287), allowing an attacker to view internal files, change settings, manipulate services and execute arbitrary code. This issue affects all Juniper Networks 128 Technology Session Smart Router versions prior to 4.5.11, and all versions of 5.0 up to and including 5.0.1."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-287 Improper Authentication"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kb.juniper.net/JSA11256",
              "refsource": "CONFIRM",
              "url": "https://kb.juniper.net/JSA11256"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "128 Technology has released software updates that address the vulnerability described in this advisory. \n\nFixed Releases:\nThe following 128T software patches have been released to resolve this specific issue: 4.5.11, 5.1.0, and all subsequent releases.\nCustomers who are running 5.0.0 or 5.0.1 should upgrade to 5.1.6 or later.\n\nInstructions for upgrading the 128T Networking Platform can be found at https://docs.128technology.com/docs/intro_upgrading ."
          }
        ],
        "source": {
          "advisory": "JSA11256",
          "defect": [
            "I95-41227"
          ],
          "discovery": "EXTERNAL"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "While no workarounds exist for this vulnerability, risk exposure can be mitigated. HTTP access to the SSR occurs on TCP port 443. It is recommended to install firewall rules to permit access only from trusted IP addresses."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8cbe9d5a-a066-4c94-8978-4b15efeae968",
    "assignerShortName": "juniper",
    "cveId": "CVE-2021-31349",
    "datePublished": "2021-10-19T18:16:28.461957Z",
    "dateReserved": "2021-04-15T00:00:00",
    "dateUpdated": "2024-09-16T23:10:43.606Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.