Juniper Flaw (CVE-2024-39565): Unauthenticated Hackers Could Seize Control
Juniper Networks has issued a security advisory, disclosing a high-severity vulnerability (CVE-2024-39565) in its Junos OS. This flaw affects a wide range of versions and could allow an unauthenticated attacker to execute remote commands on affected devices, potentially gaining full control.
The vulnerability is due to improper neutralization of data within XPath expressions, also known as XPath Injection. This flaw in J-Web can be exploited when an administrator is logged into a J-Web session or has previously logged in and subsequently logged out. An attacker can then execute commands on the device with the credentials of the logged-in user.
CVE-2024-39565 has a CVSS v3.1 score of 8.8 and a CVSS v4.0 score of 6.8. Despite the lower CVSS v4.0 score, Juniper Networks considers this a high-severity flaw because of the potential for complete device takeover.
The vulnerability affects SRX Series and EX Series devices running the following versions of Junos OS:
- Versions before 21.2R3-S8
- Versions from 21.4 before 21.4R3-S7
- Versions from 22.2 before 22.2R3-S4
- Versions from 22.3 before 22.3R3-S3
- Versions from 22.4 before 22.4R3-S2
- Versions from 23.2 before 23.2R2
- Versions from 23.4 before 23.4R1-S1, 23.4R2
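As an added example that is not part of the advisory, the following Python script checks a Junos OS version string against the ranges listed above. It assumes that "from X before Y" covers release train X up to, but not including, Y; that "before 21.2R3-S8" covers every older version regardless of train; and it reports trains the advisory does not mention rather than assuming they are safe.

```python
import re

# Affected ranges as listed in the advisory: (release train, first fixed version).
# A train of None encodes "all versions before ..." (the 21.2R3-S8 entry).
# Assumption: "from X before Y" means train X up to but not including Y.
AFFECTED_RANGES = [
    (None, "21.2R3-S8"),
    ("21.4", "21.4R3-S7"),
    ("22.2", "22.2R3-S4"),
    ("22.3", "22.3R3-S3"),
    ("22.4", "22.4R3-S2"),
    ("23.2", "23.2R2"),
    ("23.4", "23.4R1-S1"),  # 23.4R2 is also fixed and sorts after 23.4R1-S1
]

# major.minor R release [-S service] [.build]; suffixes such as -EVO are not handled
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)R(\d+)(?:-S(\d+))?(?:\.(\d+))?$")


def parse_version(version):
    """Turn '21.2R3-S8' into a comparable tuple (21, 2, 3, 8, 0)."""
    match = _VERSION_RE.match(version.strip())
    if not match:
        raise ValueError(f"unrecognised Junos version: {version!r}")
    return tuple(int(g) if g is not None else 0 for g in match.groups())


def status(version):
    """Return 'affected', 'fixed' or 'not listed' for one Junos version string."""
    ver = parse_version(version)
    train = f"{ver[0]}.{ver[1]}"
    for range_train, first_fixed in AFFECTED_RANGES:
        fixed = parse_version(first_fixed)
        if range_train is None:
            if ver < fixed:  # anything older than 21.2R3-S8, whatever the train
                return "affected"
            if train == f"{fixed[0]}.{fixed[1]}":
                return "fixed"
        elif range_train == train:
            return "affected" if ver < fixed else "fixed"
    return "not listed"  # unlisted trains are reported, not assumed safe


def triage(inventory):
    """Map device name -> status for a {device: version} inventory."""
    return {device: status(version) for device, version in inventory.items()}


if __name__ == "__main__":
    # Constructed sample inventory, not real devices.
    sample = {"srx-edge-1": "21.2R3-S5", "ex-core-1": "23.4R2", "srx-lab": "22.1R3"}
    for device, result in triage(sample).items():
        print(f"{device}: {result}")
```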
Juniper Networks has released patched versions of Junos OS to address this vulnerability. As a workaround until the update is applied, organizations can disable J-Web when it is not in use, restrict its use to low-privileged accounts, or deploy intrusion detection systems with specific signatures to block exploitation attempts.