CVE-2024-21619
CVSS 3.1 Score 7.5 of 10 (high)
Details
Summary
CVE-2024-21619 is a critical vulnerability in Juniper Networks Junos OS affecting SRX Series and EX Series. An unauthenticated attacker can access sensitive system information by exploiting a combination of a Missing Authentication for Critical Function and a Generation of Error Message Containing Sensitive Information vulnerability. This issue arises when a temporary file containing configuration information is created during user login and can be accessed through specific file requests. Affected versions include all releases earlier than 20.4R3-S9, 21.2 versions earlier than 21.2R3-S7, 21.3 versions earlier than 21.3R3-S5, 21.4 versions earlier than 21.4R3-S6, 22.1 versions earlier than 22.1R3-S5, 22.2 versions earlier than 22.2R3-S3, 22.3 versions earlier than 22.3R3-S2, 22.4 versions earlier than 22.4R3, and 23.2 versions earlier than 23.2R1-S2 and 23.2R2. Successful exploitation grants attackers access to configuration data, posing a significant security risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.