J-Web in Juniper Junos prior to 10.4R13, 11.4 prior to 11.4R7, 12.1R prior to 12.1R6, 12.1X44 prior to 12.1X44-D15, 12.1x45 prior to 12.1X45-D10, 12.2 prior to 12.2R3, 12.3 prior to 12.3R2, and 13.1 prior to 13.1R3 allow remote malicious users to bypass the cross-site request forgery (CSRF) protection mechanism and hijack the authentication of administrators for requests that (1) create new administrator accounts or (2) have other unspecified impacts.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
juniper junos 4.1 |
||
juniper junos 4.2 |
||
juniper junos 4.3 |
||
juniper junos 4.4 |
||
juniper junos 7.0 |
||
juniper junos 7.1 |
||
juniper junos 7.2 |
||
juniper junos 7.3 |
||
juniper junos 9.6 |
||
juniper junos |
||
juniper junos 13.1 |
||
juniper junos 12.1 |
||
juniper junos 12.1x44 |
||
juniper junos 12.1x45 |
||
juniper junos 5.5 |
||
juniper junos 5.6 |
||
juniper junos 5.7 |
||
juniper junos 6.0 |
||
juniper junos 8.1 |
||
juniper junos 8.2 |
||
juniper junos 8.3 |
||
juniper junos 8.4 |
||
juniper junos 12.2 |
||
juniper junos 11.4 |
||
juniper junos 5.1 |
||
juniper junos 5.3 |
||
juniper junos 6.2 |
||
juniper junos 6.4 |
||
juniper junos 7.4 |
||
juniper junos 7.6 |
||
juniper junos 9.1 |
||
juniper junos 9.4 |
||
juniper junos 12.3 |
||
juniper junos 4.0 |
||
juniper junos 5.0 |
||
juniper junos 5.2 |
||
juniper junos 5.4 |
||
juniper junos 6.1 |
||
juniper junos 6.3 |
||
juniper junos 7.5 |
||
juniper junos 8.0 |
||
juniper junos 9.0 |
||
juniper junos 9.2 |
||
juniper junos 9.5 |