SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Device (Router/Bridge/Hub)  >   Juniper Junos Vendors:   Juniper
Juniper Junos J-Web Information Leak Lets Remote Users Access the Target System
SecurityTracker Alert ID:  1036302
SecurityTracker URL:  http://securitytracker.com/id/1036302
CVE Reference:   CVE-2016-1279   (Links to External Site)
Date:  Jul 14 2016
Impact:   Disclosure of authentication information, Disclosure of system information, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  

Description:   A vulnerability was reported in Juniper Junos J-Web. A remote user can gain access to the target system.

A remote user can exploit an information leak in J-Web to gain administrative privileges on the target system.

The vendor has assigned PR 1114274 to this vulnerability.

Kyle Lovett and Dor Tumarkin reported this vulnerability.

Impact:   A remote user can gain privileged access to the target system.
Solution:   The vendor has issued a fix (12.1X46-D45, 12.1X46-D46, 12.1X46-D51, 12.1X47-D35, 12.3R12, 12.3X48-D25, 13.3R10, 13.3R9-S1, 14.1R7, 14.1X53-D35, 14.2R6, 15.1A2, 15.1F4, 15.1X49-D30, 15.1R3).

The vendor's advisory is available at:

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10754

Vendor URL:  kb.juniper.net/InfoCenter/index?page=content&id=JSA10754 (Links to External Site)
Cause:   Access control error

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC