Juniper Networks has published updates to address numerous vulnerabilities in Junos OS’s J-Web component on SRX series firewalls and EX series switches, including a critical problem.
The J-Web interface, which can be accessed via a browser, enables administrators to monitor, configure, troubleshoot, and manage Junos-based devices. The most serious of the resolved issues is a cross-site scripting flaw identified as CVE-2024-21620 (CVSS score of 8.8).
It could allow an attacker to create a malicious URL that, when visited by a user, could result in the execution of arbitrary commands with the user’s permissions, including those of an administrator.
Read more: Juniper Networks Patches Vulnerabilities in Switches, Firewalls
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.