5.9

CVE-2021-31386

A Protection Mechanism Failure vulnerability in the J-Web HTTP service of Juniper Networks Junos OS allows a remote unauthenticated attacker to perform Person-in-the-Middle (PitM) attacks against the device. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S20; 15.1 versions prior to 15.1R7-S11; 18.3 versions prior to 18.3R3-S6; 18.4 versions prior to 18.4R3-S10; 19.1 versions prior to 19.1R3-S7; 19.2 versions prior to 19.2R3-S4; 19.3 versions prior to 19.3R3-S4; 19.4 versions prior to 19.4R3-S6; 20.1 versions prior to 20.1R3-S2; 20.2 versions prior to 20.2R3-S3; 20.3 versions prior to 20.3R3-S1; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R3; 21.2 versions prior to 21.2R2.

Data is provided by the National Vulnerability Database (NVD)
JuniperJunos Version12.3 Update-
JuniperJunos Version12.3 Updater1
JuniperJunos Version12.3 Updater10
JuniperJunos Version12.3 Updater10-s1
JuniperJunos Version12.3 Updater10-s2
JuniperJunos Version12.3 Updater11
JuniperJunos Version12.3 Updater12
JuniperJunos Version12.3 Updater12-s1
JuniperJunos Version12.3 Updater12-s10
JuniperJunos Version12.3 Updater12-s11
JuniperJunos Version12.3 Updater12-s12
JuniperJunos Version12.3 Updater12-s13
JuniperJunos Version12.3 Updater12-s14
JuniperJunos Version12.3 Updater12-s15
JuniperJunos Version12.3 Updater12-s16
JuniperJunos Version12.3 Updater12-s17
JuniperJunos Version12.3 Updater12-s18
JuniperJunos Version12.3 Updater12-s19
JuniperJunos Version12.3 Updater12-s3
JuniperJunos Version12.3 Updater12-s4
JuniperJunos Version12.3 Updater12-s6
JuniperJunos Version12.3 Updater12-s8
JuniperJunos Version12.3 Updater2
JuniperJunos Version12.3 Updater3
JuniperJunos Version12.3 Updater4
JuniperJunos Version12.3 Updater5
JuniperJunos Version12.3 Updater6
JuniperJunos Version12.3 Updater7
JuniperJunos Version12.3 Updater8
JuniperJunos Version12.3 Updater9
JuniperJunos Version15.1 Update-
JuniperJunos Version15.1 Updatea1
JuniperJunos Version15.1 Updatef
JuniperJunos Version15.1 Updatef1
JuniperJunos Version15.1 Updatef2
JuniperJunos Version15.1 Updatef2-s1
JuniperJunos Version15.1 Updatef2-s2
JuniperJunos Version15.1 Updatef2-s3
JuniperJunos Version15.1 Updatef2-s4
JuniperJunos Version15.1 Updatef3
JuniperJunos Version15.1 Updatef4
JuniperJunos Version15.1 Updatef5
JuniperJunos Version15.1 Updatef5-s7
JuniperJunos Version15.1 Updatef6
JuniperJunos Version15.1 Updatef6-s1
JuniperJunos Version15.1 Updatef6-s10
JuniperJunos Version15.1 Updatef6-s12
JuniperJunos Version15.1 Updatef6-s2
JuniperJunos Version15.1 Updatef6-s3
JuniperJunos Version15.1 Updatef6-s4
JuniperJunos Version15.1 Updatef6-s5
JuniperJunos Version15.1 Updatef6-s6
JuniperJunos Version15.1 Updatef6-s7
JuniperJunos Version15.1 Updatef6-s8
JuniperJunos Version15.1 Updatef6-s9
JuniperJunos Version15.1 Updatef7
JuniperJunos Version15.1 Updater
JuniperJunos Version15.1 Updater1
JuniperJunos Version15.1 Updater2
JuniperJunos Version15.1 Updater3
JuniperJunos Version15.1 Updater4
JuniperJunos Version15.1 Updater4-s7
JuniperJunos Version15.1 Updater4-s8
JuniperJunos Version15.1 Updater4-s9
JuniperJunos Version15.1 Updater5
JuniperJunos Version15.1 Updater5-s1
JuniperJunos Version15.1 Updater5-s3
JuniperJunos Version15.1 Updater5-s5
JuniperJunos Version15.1 Updater5-s6
JuniperJunos Version15.1 Updater6
JuniperJunos Version15.1 Updater6-s1
JuniperJunos Version15.1 Updater6-s2
JuniperJunos Version15.1 Updater6-s3
JuniperJunos Version15.1 Updater6-s4
JuniperJunos Version15.1 Updater6-s6
JuniperJunos Version15.1 Updater7
JuniperJunos Version15.1 Updater7-s1
JuniperJunos Version15.1 Updater7-s10
JuniperJunos Version15.1 Updater7-s2
JuniperJunos Version15.1 Updater7-s3
JuniperJunos Version15.1 Updater7-s4
JuniperJunos Version15.1 Updater7-s5
JuniperJunos Version15.1 Updater7-s6
JuniperJunos Version15.1 Updater7-s7
JuniperJunos Version15.1 Updater7-s8
JuniperJunos Version15.1 Updater7-s9
JuniperJunos Version18.3 Update-
JuniperJunos Version18.3 Updater1
JuniperJunos Version18.3 Updater1-s1
JuniperJunos Version18.3 Updater1-s2
JuniperJunos Version18.3 Updater1-s3
JuniperJunos Version18.3 Updater1-s4
JuniperJunos Version18.3 Updater1-s5
JuniperJunos Version18.3 Updater1-s6
JuniperJunos Version18.3 Updater2
JuniperJunos Version18.3 Updater2-s1
JuniperJunos Version18.3 Updater2-s2
JuniperJunos Version18.3 Updater2-s3
JuniperJunos Version18.3 Updater2-s4
JuniperJunos Version18.3 Updater3
JuniperJunos Version18.3 Updater3-s1
JuniperJunos Version18.3 Updater3-s2
JuniperJunos Version18.3 Updater3-s3
JuniperJunos Version18.3 Updater3-s4
JuniperJunos Version18.3 Updater3-s5
JuniperJunos Version18.4 Update-
JuniperJunos Version18.4 Updater1
JuniperJunos Version18.4 Updater1-s1
JuniperJunos Version18.4 Updater1-s2
JuniperJunos Version18.4 Updater1-s3
JuniperJunos Version18.4 Updater1-s4
JuniperJunos Version18.4 Updater1-s5
JuniperJunos Version18.4 Updater1-s6
JuniperJunos Version18.4 Updater1-s7
JuniperJunos Version18.4 Updater2
JuniperJunos Version18.4 Updater2-s1
JuniperJunos Version18.4 Updater2-s2
JuniperJunos Version18.4 Updater2-s3
JuniperJunos Version18.4 Updater2-s4
JuniperJunos Version18.4 Updater2-s5
JuniperJunos Version18.4 Updater2-s6
JuniperJunos Version18.4 Updater2-s7
JuniperJunos Version18.4 Updater2-s8
JuniperJunos Version18.4 Updater3
JuniperJunos Version18.4 Updater3-s1
JuniperJunos Version18.4 Updater3-s2
JuniperJunos Version18.4 Updater3-s3
JuniperJunos Version18.4 Updater3-s4
JuniperJunos Version18.4 Updater3-s5
JuniperJunos Version18.4 Updater3-s6
JuniperJunos Version18.4 Updater3-s7
JuniperJunos Version18.4 Updater3-s8
JuniperJunos Version18.4 Updater3-s9
JuniperJunos Version19.1 Update-
JuniperJunos Version19.1 Updater1
JuniperJunos Version19.1 Updater1-s1
JuniperJunos Version19.1 Updater1-s2
JuniperJunos Version19.1 Updater1-s3
JuniperJunos Version19.1 Updater1-s4
JuniperJunos Version19.1 Updater1-s5
JuniperJunos Version19.1 Updater1-s6
JuniperJunos Version19.1 Updater2
JuniperJunos Version19.1 Updater2-s1
JuniperJunos Version19.1 Updater2-s2
JuniperJunos Version19.1 Updater3
JuniperJunos Version19.1 Updater3-s1
JuniperJunos Version19.1 Updater3-s2
JuniperJunos Version19.1 Updater3-s3
JuniperJunos Version19.1 Updater3-s4
JuniperJunos Version19.1 Updater3-s5
JuniperJunos Version19.1 Updater3-s6
JuniperJunos Version19.2 Update-
JuniperJunos Version19.2 Updater1
JuniperJunos Version19.2 Updater1-s1
JuniperJunos Version19.2 Updater1-s2
JuniperJunos Version19.2 Updater1-s3
JuniperJunos Version19.2 Updater1-s4
JuniperJunos Version19.2 Updater1-s5
JuniperJunos Version19.2 Updater1-s6
JuniperJunos Version19.2 Updater2
JuniperJunos Version19.2 Updater2-s1
JuniperJunos Version19.2 Updater3
JuniperJunos Version19.2 Updater3-s1
JuniperJunos Version19.2 Updater3-s2
JuniperJunos Version19.2 Updater3-s3
JuniperJunos Version19.3 Update-
JuniperJunos Version19.3 Updater1
JuniperJunos Version19.3 Updater1-s1
JuniperJunos Version19.3 Updater2
JuniperJunos Version19.3 Updater2-s1
JuniperJunos Version19.3 Updater2-s2
JuniperJunos Version19.3 Updater2-s3
JuniperJunos Version19.3 Updater2-s4
JuniperJunos Version19.3 Updater2-s5
JuniperJunos Version19.3 Updater3
JuniperJunos Version19.3 Updater3-s1
JuniperJunos Version19.3 Updater3-s2
JuniperJunos Version19.3 Updater3-s3
JuniperJunos Version19.4 Updater1
JuniperJunos Version19.4 Updater1-s1
JuniperJunos Version19.4 Updater1-s2
JuniperJunos Version19.4 Updater1-s3
JuniperJunos Version19.4 Updater2
JuniperJunos Version19.4 Updater2-s1
JuniperJunos Version19.4 Updater2-s2
JuniperJunos Version19.4 Updater2-s3
JuniperJunos Version19.4 Updater2-s4
JuniperJunos Version19.4 Updater3
JuniperJunos Version19.4 Updater3-s1
JuniperJunos Version19.4 Updater3-s2
JuniperJunos Version19.4 Updater3-s3
JuniperJunos Version19.4 Updater3-s4
JuniperJunos Version19.4 Updater3-s5
JuniperJunos Version20.1 Updater1
JuniperJunos Version20.1 Updater1-s1
JuniperJunos Version20.1 Updater1-s2
JuniperJunos Version20.1 Updater1-s3
JuniperJunos Version20.1 Updater1-s4
JuniperJunos Version20.1 Updater2
JuniperJunos Version20.1 Updater2-s1
JuniperJunos Version20.1 Updater3
JuniperJunos Version20.1 Updater3-s1
JuniperJunos Version20.2 Updater1
JuniperJunos Version20.2 Updater1-s1
JuniperJunos Version20.2 Updater1-s2
JuniperJunos Version20.2 Updater1-s3
JuniperJunos Version20.2 Updater2
JuniperJunos Version20.2 Updater2-s1
JuniperJunos Version20.2 Updater2-s2
JuniperJunos Version20.2 Updater2-s3
JuniperJunos Version20.2 Updater3
JuniperJunos Version20.2 Updater3-s1
JuniperJunos Version20.2 Updater3-s2
JuniperJunos Version20.3 Updater1
JuniperJunos Version20.3 Updater1-s1
JuniperJunos Version20.3 Updater2
JuniperJunos Version20.3 Updater2-s1
JuniperJunos Version20.3 Updater3
JuniperJunos Version20.4 Updater1
JuniperJunos Version20.4 Updater1-s1
JuniperJunos Version20.4 Updater2
JuniperJunos Version20.4 Updater2-s1
JuniperJunos Version21.1 Updater1
JuniperJunos Version21.1 Updater1-s1
JuniperJunos Version21.1 Updater2
JuniperJunos Version21.2 Updater1
JuniperJunos Version21.2 Updater1-s1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.15% 0.318
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 5.9 2.2 3.6
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov 2.6 4.9 2.9
AV:N/AC:H/Au:N/C:P/I:N/A:N
sirt@juniper.net 5.3 1.6 3.6
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
CWE-300 Channel Accessible by Non-Endpoint

The product does not adequately verify the identity of actors at both ends of a communication channel, or does not adequately ensure the integrity of the channel, in a way that allows the channel to be accessed or influenced by an actor that is not an endpoint.

CWE-311 Missing Encryption of Sensitive Data

The product does not encrypt sensitive or critical information before storage or transmission.

CWE-325 Missing Cryptographic Step

The product does not implement a required step in a cryptographic algorithm, resulting in weaker encryption than advertised by the algorithm.

CWE-693 Protection Mechanism Failure

The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.