Intrusion PreventionJuniper.Networks.Junos.OS.PHPRC.ENV.VAR.Remote.Code.Injection
Description
This indicates an attack attempt to exploit a Code Injection Vulnerability in Juniper Networks Junos OS.
The vulnerability is due to improper input validation when handling user supplied input. A remote, authenticated attacker can exploit this vulnerability by sending a crafted HTTP request to the target server. Successful exploitation could result in arbitrary code injection.
Affected Products
Juniper Junos versions prior to 20.4R3-S9
Juniper Junos versions 21.1R1 and prior
Juniper Junos versions 21.2 versions prior to 21.2R3-S7
Juniper Junos versions 21.3 versions prior to 21.3R3-S5
Juniper Junos versions 21.4 versions prior to 21.4R3-S5
Juniper Junos versions 22.1 versions prior to 22.1R3-S4
Juniper Junos versions 22.2 versions prior to 22.2R3-S2
Juniper Junos versions 22.3 versions prior to 22.3R2-S2, 22.3R3-S
Juniper Junos versions 22.4 versions prior to 22.4R2-S1, 22.4R3
Juniper Junos versions 23.2 versions prior to 23.2R1-S1, 23.2R2
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://supportportal.juniper.net/JSA72300
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2024-03-13 | 27.748 | Sig Added |
| 2024-02-07 | 26.729 | Default_action:pass:drop |
| 2023-12-06 | 26.690 | Sig Added |
| 2023-11-23 | 26.683 | Sig Added |
| 2023-10-26 | 25.666 |
References
https://supportportal.juniper.net/JSA72300| ID | 54081 |
| Created | Oct 18, 2023 |
| Updated | Mar 13, 2024 |
| Risk |
|
| CVE ID | CVE-2023-36844 CVE-2023-36845 |
| Known Exploited | Yes |
| Exploit Prediction Score | 96.55% |
| Default Action | drop |
| Active | |
| Affected OS | Linux, BSD |
| Affected App | Other |