CVE-2021-31386

EPSS 0.15%
Veröffentlicht 19.10.2021 19:15:11
Zuletzt bearbeitet 21.11.2024 06:05:34
Quelle sirt@juniper.net
CVE-Watchlists
Login
Unerledigt
Login

Junos OS: When using J-Web with HTTP an attacker may retrieve encryption keys via Person-in-the-Middle attacks.

A Protection Mechanism Failure vulnerability in the J-Web HTTP service of Juniper Networks Junos OS allows a remote unauthenticated attacker to perform Person-in-the-Middle (PitM) attacks against the device. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S20; 15.1 versions prior to 15.1R7-S11; 18.3 versions prior to 18.3R3-S6; 18.4 versions prior to 18.4R3-S10; 19.1 versions prior to 19.1R3-S7; 19.2 versions prior to 19.2R3-S4; 19.3 versions prior to 19.3R3-S4; 19.4 versions prior to 19.4R3-S6; 20.1 versions prior to 20.1R3-S2; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R2.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 4 Referenzen 4

NVD 227 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Juniper ≫ Junos Version12.3 Update-

Juniper ≫ Junos Version12.3 Updater1

Juniper ≫ Junos Version12.3 Updater10

Juniper ≫ Junos Version12.3 Updater10-s1

Juniper ≫ Junos Version12.3 Updater10-s2

Juniper ≫ Junos Version12.3 Updater11

Juniper ≫ Junos Version12.3 Updater12

Juniper ≫ Junos Version12.3 Updater12-s1

Juniper ≫ Junos Version12.3 Updater12-s10

Juniper ≫ Junos Version12.3 Updater12-s11

Juniper ≫ Junos Version12.3 Updater12-s12

Juniper ≫ Junos Version12.3 Updater12-s13

Juniper ≫ Junos Version12.3 Updater12-s14

Juniper ≫ Junos Version12.3 Updater12-s15

Juniper ≫ Junos Version12.3 Updater12-s16

Juniper ≫ Junos Version12.3 Updater12-s17

Juniper ≫ Junos Version12.3 Updater12-s18

Juniper ≫ Junos Version12.3 Updater12-s19

Juniper ≫ Junos Version12.3 Updater12-s3

Juniper ≫ Junos Version12.3 Updater12-s4

Juniper ≫ Junos Version12.3 Updater12-s6

Juniper ≫ Junos Version12.3 Updater12-s8

Juniper ≫ Junos Version12.3 Updater2

Juniper ≫ Junos Version12.3 Updater3

Juniper ≫ Junos Version12.3 Updater4

Juniper ≫ Junos Version12.3 Updater5

Juniper ≫ Junos Version12.3 Updater6

Juniper ≫ Junos Version12.3 Updater7

Juniper ≫ Junos Version12.3 Updater8

Juniper ≫ Junos Version12.3 Updater9

Juniper ≫ Junos Version15.1 Update-

Juniper ≫ Junos Version15.1 Updatea1

Juniper ≫ Junos Version15.1 Updatef

Juniper ≫ Junos Version15.1 Updatef1

Juniper ≫ Junos Version15.1 Updatef2

Juniper ≫ Junos Version15.1 Updatef2-s1

Juniper ≫ Junos Version15.1 Updatef2-s2

Juniper ≫ Junos Version15.1 Updatef2-s3

Juniper ≫ Junos Version15.1 Updatef2-s4

Juniper ≫ Junos Version15.1 Updatef3

Juniper ≫ Junos Version15.1 Updatef4

Juniper ≫ Junos Version15.1 Updatef5

Juniper ≫ Junos Version15.1 Updatef5-s7

Juniper ≫ Junos Version15.1 Updatef6

Juniper ≫ Junos Version15.1 Updatef6-s1

Juniper ≫ Junos Version15.1 Updatef6-s10

Juniper ≫ Junos Version15.1 Updatef6-s12

Juniper ≫ Junos Version15.1 Updatef6-s2

Juniper ≫ Junos Version15.1 Updatef6-s3

Juniper ≫ Junos Version15.1 Updatef6-s4

Juniper ≫ Junos Version15.1 Updatef6-s5

Juniper ≫ Junos Version15.1 Updatef6-s6

Juniper ≫ Junos Version15.1 Updatef6-s7

Juniper ≫ Junos Version15.1 Updatef6-s8

Juniper ≫ Junos Version15.1 Updatef6-s9

Juniper ≫ Junos Version15.1 Updatef7

Juniper ≫ Junos Version15.1 Updater

Juniper ≫ Junos Version15.1 Updater1

Juniper ≫ Junos Version15.1 Updater2

Juniper ≫ Junos Version15.1 Updater3

Juniper ≫ Junos Version15.1 Updater4

Juniper ≫ Junos Version15.1 Updater4-s7

Juniper ≫ Junos Version15.1 Updater4-s8

Juniper ≫ Junos Version15.1 Updater4-s9

Juniper ≫ Junos Version15.1 Updater5

Juniper ≫ Junos Version15.1 Updater5-s1

Juniper ≫ Junos Version15.1 Updater5-s3

Juniper ≫ Junos Version15.1 Updater5-s5

Juniper ≫ Junos Version15.1 Updater5-s6

Juniper ≫ Junos Version15.1 Updater6

Juniper ≫ Junos Version15.1 Updater6-s1

Juniper ≫ Junos Version15.1 Updater6-s2

Juniper ≫ Junos Version15.1 Updater6-s3

Juniper ≫ Junos Version15.1 Updater6-s4

Juniper ≫ Junos Version15.1 Updater6-s6

Juniper ≫ Junos Version15.1 Updater7

Juniper ≫ Junos Version15.1 Updater7-s1

Juniper ≫ Junos Version15.1 Updater7-s10

Juniper ≫ Junos Version15.1 Updater7-s2

Juniper ≫ Junos Version15.1 Updater7-s3

Juniper ≫ Junos Version15.1 Updater7-s4

Juniper ≫ Junos Version15.1 Updater7-s5

Juniper ≫ Junos Version15.1 Updater7-s6

Juniper ≫ Junos Version15.1 Updater7-s7

Juniper ≫ Junos Version15.1 Updater7-s8

Juniper ≫ Junos Version15.1 Updater7-s9

Juniper ≫ Junos Version18.3 Update-

Juniper ≫ Junos Version18.3 Updater1

Juniper ≫ Junos Version18.3 Updater1-s1

Juniper ≫ Junos Version18.3 Updater1-s2

Juniper ≫ Junos Version18.3 Updater1-s3

Juniper ≫ Junos Version18.3 Updater1-s4

Juniper ≫ Junos Version18.3 Updater1-s5

Juniper ≫ Junos Version18.3 Updater1-s6

Juniper ≫ Junos Version18.3 Updater2

Juniper ≫ Junos Version18.3 Updater2-s1

Juniper ≫ Junos Version18.3 Updater2-s2

Juniper ≫ Junos Version18.3 Updater2-s3

Juniper ≫ Junos Version18.3 Updater2-s4

Juniper ≫ Junos Version18.3 Updater3

Juniper ≫ Junos Version18.3 Updater3-s1

Juniper ≫ Junos Version18.3 Updater3-s2

Juniper ≫ Junos Version18.3 Updater3-s3

Juniper ≫ Junos Version18.3 Updater3-s4

Juniper ≫ Junos Version18.3 Updater3-s5

Juniper ≫ Junos Version18.4 Update-

Juniper ≫ Junos Version18.4 Updater1

Juniper ≫ Junos Version18.4 Updater1-s1

Juniper ≫ Junos Version18.4 Updater1-s2

Juniper ≫ Junos Version18.4 Updater1-s3

Juniper ≫ Junos Version18.4 Updater1-s4

Juniper ≫ Junos Version18.4 Updater1-s5

Juniper ≫ Junos Version18.4 Updater1-s6

Juniper ≫ Junos Version18.4 Updater1-s7

Juniper ≫ Junos Version18.4 Updater2

Juniper ≫ Junos Version18.4 Updater2-s1

Juniper ≫ Junos Version18.4 Updater2-s2

Juniper ≫ Junos Version18.4 Updater2-s3

Juniper ≫ Junos Version18.4 Updater2-s4

Juniper ≫ Junos Version18.4 Updater2-s5

Juniper ≫ Junos Version18.4 Updater2-s6

Juniper ≫ Junos Version18.4 Updater2-s7

Juniper ≫ Junos Version18.4 Updater2-s8

Juniper ≫ Junos Version18.4 Updater3

Juniper ≫ Junos Version18.4 Updater3-s1

Juniper ≫ Junos Version18.4 Updater3-s2

Juniper ≫ Junos Version18.4 Updater3-s3

Juniper ≫ Junos Version18.4 Updater3-s4

Juniper ≫ Junos Version18.4 Updater3-s5

Juniper ≫ Junos Version18.4 Updater3-s6

Juniper ≫ Junos Version18.4 Updater3-s7

Juniper ≫ Junos Version18.4 Updater3-s8

Juniper ≫ Junos Version18.4 Updater3-s9

Juniper ≫ Junos Version19.1 Update-

Juniper ≫ Junos Version19.1 Updater1

Juniper ≫ Junos Version19.1 Updater1-s1

Juniper ≫ Junos Version19.1 Updater1-s2

Juniper ≫ Junos Version19.1 Updater1-s3

Juniper ≫ Junos Version19.1 Updater1-s4

Juniper ≫ Junos Version19.1 Updater1-s5

Juniper ≫ Junos Version19.1 Updater1-s6

Juniper ≫ Junos Version19.1 Updater2

Juniper ≫ Junos Version19.1 Updater2-s1

Juniper ≫ Junos Version19.1 Updater2-s2

Juniper ≫ Junos Version19.1 Updater3

Juniper ≫ Junos Version19.1 Updater3-s1

Juniper ≫ Junos Version19.1 Updater3-s2

Juniper ≫ Junos Version19.1 Updater3-s3

Juniper ≫ Junos Version19.1 Updater3-s4

Juniper ≫ Junos Version19.1 Updater3-s5

Juniper ≫ Junos Version19.1 Updater3-s6

Juniper ≫ Junos Version19.2 Update-

Juniper ≫ Junos Version19.2 Updater1

Juniper ≫ Junos Version19.2 Updater1-s1

Juniper ≫ Junos Version19.2 Updater1-s2

Juniper ≫ Junos Version19.2 Updater1-s3

Juniper ≫ Junos Version19.2 Updater1-s4

Juniper ≫ Junos Version19.2 Updater1-s5

Juniper ≫ Junos Version19.2 Updater1-s6

Juniper ≫ Junos Version19.2 Updater2

Juniper ≫ Junos Version19.2 Updater2-s1

Juniper ≫ Junos Version19.2 Updater3

Juniper ≫ Junos Version19.2 Updater3-s1

Juniper ≫ Junos Version19.2 Updater3-s2

Juniper ≫ Junos Version19.2 Updater3-s3

Juniper ≫ Junos Version19.3 Update-

Juniper ≫ Junos Version19.3 Updater1

Juniper ≫ Junos Version19.3 Updater1-s1

Juniper ≫ Junos Version19.3 Updater2

Juniper ≫ Junos Version19.3 Updater2-s1

Juniper ≫ Junos Version19.3 Updater2-s2

Juniper ≫ Junos Version19.3 Updater2-s3

Juniper ≫ Junos Version19.3 Updater2-s4

Juniper ≫ Junos Version19.3 Updater2-s5

Juniper ≫ Junos Version19.3 Updater3

Juniper ≫ Junos Version19.3 Updater3-s1

Juniper ≫ Junos Version19.3 Updater3-s2

Juniper ≫ Junos Version19.3 Updater3-s3

Juniper ≫ Junos Version19.4 Updater1

Juniper ≫ Junos Version19.4 Updater1-s1

Juniper ≫ Junos Version19.4 Updater1-s2

Juniper ≫ Junos Version19.4 Updater1-s3

Juniper ≫ Junos Version19.4 Updater2

Juniper ≫ Junos Version19.4 Updater2-s1

Juniper ≫ Junos Version19.4 Updater2-s2

Juniper ≫ Junos Version19.4 Updater2-s3

Juniper ≫ Junos Version19.4 Updater2-s4

Juniper ≫ Junos Version19.4 Updater3

Juniper ≫ Junos Version19.4 Updater3-s1

Juniper ≫ Junos Version19.4 Updater3-s2

Juniper ≫ Junos Version19.4 Updater3-s3

Juniper ≫ Junos Version19.4 Updater3-s4

Juniper ≫ Junos Version19.4 Updater3-s5

Juniper ≫ Junos Version20.1 Updater1

Juniper ≫ Junos Version20.1 Updater1-s1

Juniper ≫ Junos Version20.1 Updater1-s2

Juniper ≫ Junos Version20.1 Updater1-s3

Juniper ≫ Junos Version20.1 Updater1-s4

Juniper ≫ Junos Version20.1 Updater2

Juniper ≫ Junos Version20.1 Updater2-s1

Juniper ≫ Junos Version20.1 Updater3

Juniper ≫ Junos Version20.1 Updater3-s1

Juniper ≫ Junos Version20.2 Updater1

Juniper ≫ Junos Version20.2 Updater1-s1

Juniper ≫ Junos Version20.2 Updater1-s2

Juniper ≫ Junos Version20.2 Updater1-s3

Juniper ≫ Junos Version20.2 Updater2

Juniper ≫ Junos Version20.2 Updater2-s1

Juniper ≫ Junos Version20.2 Updater2-s2

Juniper ≫ Junos Version20.2 Updater2-s3

Juniper ≫ Junos Version20.2 Updater3

Juniper ≫ Junos Version20.2 Updater3-s1

Juniper ≫ Junos Version20.2 Updater3-s2

Juniper ≫ Junos Version20.3 Updater1

Juniper ≫ Junos Version20.3 Updater1-s1

Juniper ≫ Junos Version20.3 Updater2

Juniper ≫ Junos Version20.3 Updater2-s1

Juniper ≫ Junos Version20.3 Updater3

Juniper ≫ Junos Version20.4 Updater1

Juniper ≫ Junos Version20.4 Updater1-s1

Juniper ≫ Junos Version20.4 Updater2

Juniper ≫ Junos Version20.4 Updater2-s1

Juniper ≫ Junos Version21.1 Updater1

Juniper ≫ Junos Version21.1 Updater1-s1

Juniper ≫ Junos Version21.1 Updater2

Juniper ≫ Junos Version21.2 Updater1

Juniper ≫ Junos Version21.2 Updater1-s1

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.15%	0.318

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.9	2.2	3.6	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov	2.6	4.9	2.9	AV:N/AC:H/Au:N/C:P/I:N/A:N
sirt@juniper.net	5.3	1.6	3.6	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N

CWE-300 Channel Accessible by Non-Endpoint

The product does not adequately verify the identity of actors at both ends of a communication channel, or does not adequately ensure the integrity of the channel, in a way that allows the channel to be accessed or influenced by an actor that is not an endpoint.

CWE-311 Missing Encryption of Sensitive Data

The product does not encrypt sensitive or critical information before storage or transmission.

CWE-325 Missing Cryptographic Step

The product does not implement a required step in a cryptographic algorithm, resulting in weaker encryption than advertised by the algorithm.

CWE-693 Protection Mechanism Failure

The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.

https://kb.juniper.net/JSA11254

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2021-31386

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-31386

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-31386

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2021-31386