Multiple Juniper Networks Flaw Let Attackers Delete Files

The Juniper networks-owned Junos OS has been discovered to have multiple vulnerabilities associated with Denial of Service (DoS), Path Traversal, and Cross-Site Scripting (XSS).

The CVEs for these vulnerabilities have been assigned with CVE-2024-30409, CVE-2020-1606, and CVE-2020-1607.

The severity for these vulnerabilities ranges between 5.3 (Medium) to 7.5 (High). However, these vulnerabilities have been patched by Juniper networks, and relevant security advisories have been published to address them.

Vulnerability Details

According to the advisory released, the DoS was identified due to Higher CPU consumption on the routing engine, the path traversal, and the cross-site scripting vulnerabilities that existed in the J-Web Interface and Junos OS.

These vulnerabilities affect multiple Juniper network products and versions.

Stop Advanced Phishing Attack With AI

AI-Powered Protection for Business Email Security

Trustifi’s Advanced threat protection prevents the widest spectrum of sophisticated attacks before they reach a user’s mailbox. Stopping 99% of phishing attacks missed by other email security solutions. .

Try Free Demo

CVE-2024-30409 : Higher CPU consumption On Routing Rngine Leads To Denial Of Service

This vulnerability exists in multiple versions of Junos OS and JunosOS evolved due to improper check for unusual or exceptional conditions in the telemetry processing.

This vulnerability allows an authenticated network-based attacker to cause a denial of service condition by crashing the forward information base telemetry daemon (fibtd). 

The severity for this vulnerability was given as 5.3 (Medium) according to CVSS v3 score and 6.9 (Medium) as per CVSS v4 score.

Moreover, this vulnerability is seen when the telemetry subscription is active and Fib-streaming is enabled.

No workarounds were mentioned to mitigate this vulnerability. 

CVE-2020-1606: Path Traversal Vulnerability In J-Web

This vulnerability exists in the Junos OS devices, which could allow an authenticated attacker with J-web user privilege to read or delete files with “world” readable and writable permissions.

However, without root user privilege, this vulnerability cannot have much impact on system files. 

As a workaround, users of affected Junos OS versions can limit the access to J-web interface to only trusted users for reducing the exploitation risk.

However, as a prerequisite, the J-web interface must be enabled on the affected device.

CVE-2020-1607: Cross-Site Scripting (XSS) In J-Web

This vulnerability exists due to insufficient XSS protection in the J-web interface, which could allow a threat actor to inject web script or HTML.

This script injection can potentially lead to hijacking of user’s or administrator’s J-Web session that can be used to perform administrative action on the Junos OS under the impression of the targeted user.

As a workaround for this vulnerability, users can be set to access the J-web service only from trusted sources such as jumphosts with no internet access.

Alternatively, the J-web interface can also be disabled.

Affected Products And Fixed In Versions

CVE	Affected Products	Fixed in versions
CVE-2024-30409	Junos OS:from 22.1 before 22.1R1-S2, 22.1R2. Junos OS Evolved:from 22.1 before 22.1R1-S2-EVO, 22.1R2-EVO.	Junos OS: 22.1R1-S2, 22.1R2, 22.2R1, 22.2R2, 22.3R1, 22.4R1, and all subsequent releases. Junos OS Evolved: 22.1R1-S2-EVO, 22.1R2-EVO, 22.2R1-EVO, 22.2R2-EVO, 22.3R1-EVO, 22.4R1-EVO, and all subsequent releases.
CVE-2020-1606	12.3 versions prior to 12.3R12-S13;12.3X48 versions prior to 12.3X48-D85 on SRX Series;14.1X53 versions prior to 14.1X53-D51;15.1F6 versions prior to 15.1F6-S13;15.1 versions prior to 15.1R7-S5;15.1X49 versions prior to 15.1X49-D180 on SRX Series;15.1X53 versions prior to 15.1X53-D238 on QFX5200/QFX5110 Series;16.1 versions prior to 16.1R4-S13, 16.1R7-S5;16.2 versions prior to 16.2R2-S10;17.1 versions prior to 17.1R3-S1;17.2 versions prior to 17.2R1-S9, 17.2R3-S2;17.3 versions prior to 17.3R2-S5, 17.3R3-S5;17.4 versions prior to 17.4R2-S9, 17.4R3;18.1 versions prior to 18.1R3-S8;18.2 versions prior to 18.2R3;18.3 versions prior to 18.3R2-S3, 18.3R3;18.4 versions prior to 18.4R2;19.1 versions prior to 19.1R1-S4, 19.1R2.	12.3R12-S13, 12.3X48-D85, 14.1X53-D51, 15.1F6-S13, 15.1R7-S5, 15.1X49-D180, 15.1X53-D238, 16.1R4-S13, 16.1R7-S5, 16.2R2-S10, 17.1R3-S1, 17.2R1-S9, 17.2R3-S2, 17.3R2-S5, 17.3R3-S5, 17.4R2-S9, 17.4R3, 18.1R3-S8, 18.2R3, 18.3R2-S3, 18.3R3, 18.4R2, 19.1R1-S4, 19.1R2, 19.2R1, and all subsequent releases.
CVE-2020-1607	12.3 versions prior to 12.3R12-S15;12.3X48 versions prior to 12.3X48-D86, 12.3X48-D90 on SRX Series;14.1X53 versions prior to 14.1X53-D51 on EX and QFX Series;15.1F6 versions prior to 15.1F6-S13;15.1 versions prior to 15.1R7-S5;15.1X49 versions prior to 15.1X49-D181, 15.1X49-D190 on SRX Series;15.1X53 versions prior to 15.1X53-D238 on QFX5200/QFX5110 Series;15.1X53 versions prior to 15.1X53-D592 on EX2300/EX3400 Series;16.1 versions prior to 16.1R4-S13, 16.1R7-S5;16.2 versions prior to 16.2R2-S10;17.1 versions prior to 17.1R2-S11, 17.1R3-S1;17.2 versions prior to 17.2R1-S9, 17.2R3-S2;17.3 versions prior to 17.3R2-S5, 17.3R3-S5;17.4 versions prior to 17.4R2-S6, 17.4R3;18.1 versions prior to 18.1R3-S7;18.2 versions prior to 18.2R2-S5, 18.2R3;18.3 versions prior to 18.3R1-S6, 18.3R2-S1, 18.3R3;18.4 versions prior to 18.4R1-S5, 18.4R2;19.1 versions prior to 19.1R1-S2, 19.1R2.	12.3R12-S15, 12.3X48-D86, 12.3X48-D90, 14.1X53-D51, 15.1F6-S13,15.1R7-S5, 15.1X49-D181, 15.1X49-D190, 15.1X53-D238, 15.1X53-D592, 16.1R4-S13, 16.1R7-S5, 16.2R2-S10,17.1R2-S11, 17.1R3-S1, 17.2R1-S9, 17.2R3-S2, 17.3R2-S5, 17.3R3-S5, 17.4R2-S6, 17.4R3, 18.1R3-S7,18.2R2-S5, 18.2R3, 18.3R1-S6, 18.3R2-S1, 18.3R3, 18.4R1-S5, 18.4R2, 19.1R1-S2, 19.1R2, 19.2R1, and all subsequent releases.

Users of these Junos OS and Junos OS evolved products are recommended to upgrade to the latest versions in order to prevent the exploitation of these vulnerabilities by threat actors.