Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
J-Web in Juniper Junos before 10.4R13, 11.4 before 11.4R7, 12.1R before 12.1R6, 12.1X44 before 12.1X44-D15, 12.1x45 before 12.1X45-D10, 12.2 before 12.2R3, 12.3 before 12.3R2, and 13.1 before 13.1R3 allow remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism and hijack the authentication of administrators for requests that (1) create new administrator accounts or (2) have other unspecified impacts.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Juniper Junos J-Web 跨站请求伪造漏洞
Vulnerability Description
Juniper Networks Junos是美国瞻博网络(Juniper Networks)公司的一套专用于该公司的硬件系统的网络操作系统,该操作系统提供了安全编程接口和Junos SDK。J-Web是一个针对使用Junos的路由器或交换机的网络管理工具。 Juniper Junos中的J-Web软件中存在安全漏洞。远程攻击者可利用该漏洞绕过跨站请求伪造保护机制,执行管理员操作,如创建新的管理员账户。以下版本受到影响:Junos 10.4,11.4,12.1,12.1X44,12.2,12.3,13.1
CVSS Information
N/A
Vulnerability Type
N/A