FKIE_CVE-2021-31355

Vulnerability from fkie_nvd - Published: 2021-10-19 19:15 - Updated: 2024-11-21 06:05
Severity ?
8.0 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
A persistent cross-site scripting (XSS) vulnerability in the captive portal graphical user interface of Juniper Networks Junos OS may allow a remote authenticated user to inject web script or HTML and steal sensitive data and credentials from a web administration session, possibly tricking a follow-on administrative user to perform administrative actions on the device. This issue affects Juniper Networks Junos OS: All versions, including the following supported releases: 12.3X48 versions prior to 12.3X48-D105; 15.1X49 versions prior to 15.1X49-D220; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R3-S9; 19.1 versions prior to 19.1R3-S7; 19.2 versions prior to 19.2R3-S3; 19.3 versions prior to 19.3R3-S4; 19.4 versions prior to 19.4R3-S6; 20.1 versions prior to 20.1R3; 20.2 versions prior to 20.2R1-S1, 20.2R2; 20.3 versions prior to 20.3R2; 20.4 versions prior to 20.4R2; 21.1 versions prior to 21.1R2.
References
sirt@juniper.nethttps://kb.juniper.net/JSA11220Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://kb.juniper.net/JSA11220Patch, Vendor Advisory
Impacted products
Vendor Product Version
juniper junos 12.3x48
juniper junos 12.3x48
juniper junos 12.3x48
juniper junos 12.3x48
juniper junos 12.3x48
juniper junos 12.3x48
juniper junos 12.3x48
juniper junos 12.3x48
juniper junos 12.3x48
juniper junos 12.3x48
juniper junos 12.3x48
juniper junos 12.3x48
juniper junos 12.3x48
juniper junos 12.3x48
juniper junos 12.3x48
juniper junos 12.3x48
juniper junos 12.3x48
juniper junos 12.3x48
juniper junos 12.3x48
juniper junos 12.3x48
juniper junos 12.3x48
juniper junos 12.3x48
juniper junos 15.1x49
juniper junos 15.1x49
juniper junos 15.1x49
juniper junos 15.1x49
juniper junos 15.1x49
juniper junos 15.1x49
juniper junos 15.1x49
juniper junos 15.1x49
juniper junos 15.1x49
juniper junos 15.1x49
juniper junos 15.1x49
juniper junos 15.1x49
juniper junos 15.1x49
juniper junos 15.1x49
juniper junos 15.1x49
juniper junos 15.1x49
juniper junos 15.1x49
juniper junos 15.1x49
juniper junos 15.1x49
juniper junos 15.1x49
juniper junos 15.1x49
juniper junos 15.1x49
juniper junos 15.1x49
juniper junos 15.1x49
juniper junos 15.1x49
juniper junos 15.1x49
juniper junos 15.1x49
juniper junos 15.1x49
juniper junos 15.1x49
juniper junos 15.1x49
juniper junos 18.3
juniper junos 18.3
juniper junos 18.3
juniper junos 18.3
juniper junos 18.3
juniper junos 18.3
juniper junos 18.3
juniper junos 18.3
juniper junos 18.3
juniper junos 18.3
juniper junos 18.3
juniper junos 18.3
juniper junos 18.3
juniper junos 18.3
juniper junos 18.3
juniper junos 18.4
juniper junos 18.4
juniper junos 18.4
juniper junos 18.4
juniper junos 18.4
juniper junos 18.4
juniper junos 18.4
juniper junos 18.4
juniper junos 18.4
juniper junos 18.4
juniper junos 18.4
juniper junos 18.4
juniper junos 18.4
juniper junos 18.4
juniper junos 18.4
juniper junos 18.4
juniper junos 18.4
juniper junos 18.4
juniper junos 19.1
juniper junos 19.1
juniper junos 19.1
juniper junos 19.1
juniper junos 19.1
juniper junos 19.1
juniper junos 19.1
juniper junos 19.1
juniper junos 19.1
juniper junos 19.1
juniper junos 19.1
juniper junos 19.2
juniper junos 19.2
juniper junos 19.2
juniper junos 19.2
juniper junos 19.2
juniper junos 19.2
juniper junos 19.2
juniper junos 19.2
juniper junos 19.3
juniper junos 19.3
juniper junos 19.3
juniper junos 19.3
juniper junos 19.3
juniper junos 19.3
juniper junos 19.3
juniper junos 19.4
juniper junos 19.4
juniper junos 19.4
juniper junos 19.4
juniper junos 19.4
juniper junos 20.1
juniper junos 20.1
juniper junos 20.1
juniper junos 20.1
juniper junos 20.1
juniper junos 20.1
juniper junos 20.1
juniper junos 20.1
juniper junos 20.2
juniper junos 20.2
juniper junos 20.3
juniper junos 20.3
juniper junos 20.4
juniper junos 20.4
juniper junos 21.1
juniper junos 21.1
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:-:*:*:*:*:*:*",
              "matchCriteriaId": "AC1FED64-8725-4978-9EBF-E3CD8EF338E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d10:*:*:*:*:*:*",
              "matchCriteriaId": "4B7066A4-CD05-4E1A-89E8-71B4CB92CFF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d100:*:*:*:*:*:*",
              "matchCriteriaId": "40FCCE73-C94E-4A0B-B056-8D323C64B425",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d15:*:*:*:*:*:*",
              "matchCriteriaId": "A4AC2E1E-74FB-4DA3-8292-B2079F83FF54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d20:*:*:*:*:*:*",
              "matchCriteriaId": "5FF83BD0-3B28-481E-8C8F-09ECDA493DA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d25:*:*:*:*:*:*",
              "matchCriteriaId": "6E296274-AFC1-4F56-A4B3-827C2E0BC9D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d30:*:*:*:*:*:*",
              "matchCriteriaId": "3C82799B-BD25-4359-9E3D-4D7CA7367525",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d35:*:*:*:*:*:*",
              "matchCriteriaId": "094485FF-960C-4533-A2AF-6C4D420D260D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d40:*:*:*:*:*:*",
              "matchCriteriaId": "F8BE3661-1DE5-4F57-9384-68C1B34F6812",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d45:*:*:*:*:*:*",
              "matchCriteriaId": "B45E8A14-E7F4-41EB-9BFA-7A19E35D11FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d50:*:*:*:*:*:*",
              "matchCriteriaId": "C6C694C6-C58C-4513-91E8-6CC22A2386E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d51:*:*:*:*:*:*",
              "matchCriteriaId": "64A0CCD4-91BA-440E-A14C-48E67D1F03A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d55:*:*:*:*:*:*",
              "matchCriteriaId": "6B65EF51-ED97-4973-94C4-8F66C553F190",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d60:*:*:*:*:*:*",
              "matchCriteriaId": "9EE7C08A-2A4B-4A84-AD95-A890913E2EE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d65:*:*:*:*:*:*",
              "matchCriteriaId": "44C61900-680C-4C74-8B96-ACC93FE9465E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d66:*:*:*:*:*:*",
              "matchCriteriaId": "6A793CCD-397E-45DA-9349-D01C69AB96D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d70:*:*:*:*:*:*",
              "matchCriteriaId": "B6C38637-ABE0-419A-A053-CBE076766551",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d75:*:*:*:*:*:*",
              "matchCriteriaId": "1F87EF0D-E609-4D4A-B228-CEF05C753E68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d80:*:*:*:*:*:*",
              "matchCriteriaId": "4484081E-E2E9-4858-8960-144D820CF7D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d85:*:*:*:*:*:*",
              "matchCriteriaId": "4D12F342-3A79-4F94-BFD0-F1A0942CFFB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d90:*:*:*:*:*:*",
              "matchCriteriaId": "90070E86-9400-4D5F-977D-8900904952A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:12.3x48:d95:*:*:*:*:*:*",
              "matchCriteriaId": "E068F519-48E6-4000-B8CA-078F885B6BF0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:-:*:*:*:*:*:*",
              "matchCriteriaId": "27A6BF09-ABBF-4126-ADD6-B174937F8554",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d10:*:*:*:*:*:*",
              "matchCriteriaId": "D90D8985-34EF-44CC-A9A7-CB0FD22676F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d100:*:*:*:*:*:*",
              "matchCriteriaId": "856A5668-FA4F-44E9-A3F0-BE4979F631E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d110:*:*:*:*:*:*",
              "matchCriteriaId": "F3B2DA4D-5E5D-4E09-BE4D-5B3371703D8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d120:*:*:*:*:*:*",
              "matchCriteriaId": "FA2459ED-DFA5-4701-AF92-C2928C3BD64D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d130:*:*:*:*:*:*",
              "matchCriteriaId": "8830C4BC-2B3D-4CCF-A37E-79C2D46159BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d131:*:*:*:*:*:*",
              "matchCriteriaId": "40D42ACF-860C-4B47-8E25-7DEC30FB8064",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d140:*:*:*:*:*:*",
              "matchCriteriaId": "C808E08F-1992-43DD-A106-E920DC784831",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d15:*:*:*:*:*:*",
              "matchCriteriaId": "C8C94365-988C-4A14-8E49-846152FDC666",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d150:*:*:*:*:*:*",
              "matchCriteriaId": "E288F54B-AEA3-412F-85A4-EBDFE74DB84F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d160:*:*:*:*:*:*",
              "matchCriteriaId": "02AAC05C-1C4B-4F35-A286-52D20DFD6212",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d170:*:*:*:*:*:*",
              "matchCriteriaId": "080422D3-B508-4049-B558-4B04BF2E8AB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d180:*:*:*:*:*:*",
              "matchCriteriaId": "2FAFD8F8-CBD2-45CA-BD3C-875C8FA1D778",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d190:*:*:*:*:*:*",
              "matchCriteriaId": "C68F093D-3205-43A5-BA06-85AC7BEEFD94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d20:*:*:*:*:*:*",
              "matchCriteriaId": "18468579-0195-4DDE-BAA5-4BE4068F3A69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d200:*:*:*:*:*:*",
              "matchCriteriaId": "A70F0055-74B8-41F3-BB43-6CBF3F231674",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d210:*:*:*:*:*:*",
              "matchCriteriaId": "8B7D617C-E88E-4981-91E1-0FAB5029E4B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d25:*:*:*:*:*:*",
              "matchCriteriaId": "6825F6BA-B48F-4E02-938F-6B297E21BA07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d30:*:*:*:*:*:*",
              "matchCriteriaId": "0E5FAA97-171F-4DB9-B78E-6E1A5F34336A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d35:*:*:*:*:*:*",
              "matchCriteriaId": "870244F3-1C05-4F10-A205-5189BB860F46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d40:*:*:*:*:*:*",
              "matchCriteriaId": "235EE40B-AA15-4F39-8087-A051F4F70995",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d45:*:*:*:*:*:*",
              "matchCriteriaId": "17330544-3AFC-463E-A146-2840A8AE17D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d50:*:*:*:*:*:*",
              "matchCriteriaId": "8ABA301F-7866-42A5-8391-E07BEAFF06FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d55:*:*:*:*:*:*",
              "matchCriteriaId": "884E4A85-ED42-4391-9FDD-9052F957743A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d60:*:*:*:*:*:*",
              "matchCriteriaId": "1901864B-688B-4352-A587-4B96B4E49FB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d65:*:*:*:*:*:*",
              "matchCriteriaId": "78F53FBF-C6D8-4AE5-87EC-9D9F88DCEFB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d70:*:*:*:*:*:*",
              "matchCriteriaId": "1B6670FB-9F5A-469B-97F2-074C28572065",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d75:*:*:*:*:*:*",
              "matchCriteriaId": "71198992-83AA-4E28-BA7D-A3C1897B5E2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d80:*:*:*:*:*:*",
              "matchCriteriaId": "4323D874-C317-4D76-8E2D-C82376D84CBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:15.1x49:d90:*:*:*:*:*:*",
              "matchCriteriaId": "F56067DA-EBA9-481A-B60B-52148584EFBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.3:-:*:*:*:*:*:*",
              "matchCriteriaId": "1BB9C2BB-D20B-41E9-B75F-7FAD9ECCDB99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.3:r1:*:*:*:*:*:*",
              "matchCriteriaId": "5342C3DC-D640-47AB-BD76-3444852988A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.3:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "8AB8585E-EDC6-4400-BEE3-3A6A7C922C90",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.3:r1-s2:*:*:*:*:*:*",
              "matchCriteriaId": "A2ABC574-B3FC-4025-B50D-7F9EEB28C806",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.3:r1-s3:*:*:*:*:*:*",
              "matchCriteriaId": "6F6EAFC3-C3AC-4361-8530-39FCF89702F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.3:r1-s4:*:*:*:*:*:*",
              "matchCriteriaId": "92FB1BF6-8852-45D8-817C-36CDBE730801",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.3:r1-s5:*:*:*:*:*:*",
              "matchCriteriaId": "6B363298-315C-4FD5-9417-C5B82883A224",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.3:r1-s6:*:*:*:*:*:*",
              "matchCriteriaId": "EB08FF7B-01F5-4A19-858E-E2CD19D61A62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.3:r2:*:*:*:*:*:*",
              "matchCriteriaId": "B7A3FBD3-5399-42A9-9BD9-E3C981CBD6DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.3:r2-s1:*:*:*:*:*:*",
              "matchCriteriaId": "4EBD361C-8B4D-43EF-8B82-9FE165D8206E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.3:r2-s2:*:*:*:*:*:*",
              "matchCriteriaId": "6E7539C4-6208-43EB-9A0B-4852D0CE0FA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.3:r2-s3:*:*:*:*:*:*",
              "matchCriteriaId": "35299B02-DC75-458D-B86D-8A0DB95B06AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.3:r3:*:*:*:*:*:*",
              "matchCriteriaId": "CFB29C9B-9729-43EB-AF98-AF44038DA711",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.3:r3-s1:*:*:*:*:*:*",
              "matchCriteriaId": "2D1FB957-54C8-428E-BC8D-2802D7F6895F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.3:r3-s2:*:*:*:*:*:*",
              "matchCriteriaId": "A0BC4766-4BA4-4B02-A654-5C527EA66E9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:-:*:*:*:*:*:*",
              "matchCriteriaId": "74CA9010-D3DE-487B-B46F-589A48AB0F0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r1:*:*:*:*:*:*",
              "matchCriteriaId": "A38F224C-8E9B-44F3-9D4F-6C9F04F57927",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "853F146A-9A0F-49B6-AFD2-9907434212F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s2:*:*:*:*:*:*",
              "matchCriteriaId": "8F73B88B-E66C-4ACD-B38D-9365FB230ABA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s3:*:*:*:*:*:*",
              "matchCriteriaId": "EE1F82EC-3222-4158-8923-59CDA1909A9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s4:*:*:*:*:*:*",
              "matchCriteriaId": "8FE95D15-B5E5-4E74-9464-C72D8B646A6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s5:*:*:*:*:*:*",
              "matchCriteriaId": "C012CD07-706A-4E1C-B399-C55AEF5C8309",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s6:*:*:*:*:*:*",
              "matchCriteriaId": "A0C26E59-874A-4D87-9E7F-E366F4D65ED1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r1-s7:*:*:*:*:*:*",
              "matchCriteriaId": "75902119-60D0-49F8-8E01-666E0F75935A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r2:*:*:*:*:*:*",
              "matchCriteriaId": "D59D7A31-128B-4034-862B-8EF3CE3EE949",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r2-s1:*:*:*:*:*:*",
              "matchCriteriaId": "0C5E097B-B79E-4E6A-9291-C8CB9674FED5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r2-s2:*:*:*:*:*:*",
              "matchCriteriaId": "819FA3ED-F934-4B20-BC0E-D638ACCB7787",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r2-s3:*:*:*:*:*:*",
              "matchCriteriaId": "3D7D773A-4988-4D7C-A105-1885EBE14426",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r2-s4:*:*:*:*:*:*",
              "matchCriteriaId": "1BD93674-9375-493E-BD6C-8AD41CC75DD4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r3:*:*:*:*:*:*",
              "matchCriteriaId": "736B7A9F-E237-45AF-A6D6-84412475F481",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r3-s1:*:*:*:*:*:*",
              "matchCriteriaId": "62E63730-F697-4FE6-936B-FD9B4F22EAE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r3-s2:*:*:*:*:*:*",
              "matchCriteriaId": "064A7052-4EF5-4BFB-88FF-8122AEECB6A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:18.4:r3-s3:*:*:*:*:*:*",
              "matchCriteriaId": "08C58CCB-3BAA-4400-B371-556DF46DE69C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "768C0EB7-8456-4BF4-8598-3401A54D21DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "5332B70A-F6B0-4C3B-90E2-5CBFB3326126",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.1:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "81439FE8-5405-45C2-BC04-9823D2009A77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.1:r1-s2:*:*:*:*:*:*",
              "matchCriteriaId": "E506138D-043E-485D-B485-94A2AB75F8E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.1:r1-s3:*:*:*:*:*:*",
              "matchCriteriaId": "0EF3C901-3599-463F-BEFB-8858768DC195",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.1:r1-s4:*:*:*:*:*:*",
              "matchCriteriaId": "CD806778-A995-4A9B-9C05-F4D7B1CB1F7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.1:r1-s5:*:*:*:*:*:*",
              "matchCriteriaId": "02B42BE8-1EF2-47F7-9F10-DE486A017EED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "DCAB79C9-6639-4ED0-BEC9-E7C8229DF977",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.1:r2-s1:*:*:*:*:*:*",
              "matchCriteriaId": "C8CF858F-84BB-4AEA-B829-FCF22C326160",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.1:r3:*:*:*:*:*:*",
              "matchCriteriaId": "5405F361-AB96-4477-AA0D-49B874324B39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.1:r3-s1:*:*:*:*:*:*",
              "matchCriteriaId": "E45E5421-2F6F-4AF9-8EB1-431A804FC649",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "0E7545CE-6300-4E81-B5AF-2BE150C1B190",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.2:r1:*:*:*:*:*:*",
              "matchCriteriaId": "4CA3060F-1800-4A06-A453-FB8CE4B65312",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.2:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "9A5B337A-727C-4767-AD7B-E0F7F99EB46F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.2:r1-s2:*:*:*:*:*:*",
              "matchCriteriaId": "16FDE60B-7A99-4683-BC14-530B5B005F8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.2:r1-s3:*:*:*:*:*:*",
              "matchCriteriaId": "725D8C27-E4F8-4394-B4EC-B49B6D3C2709",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.2:r1-s4:*:*:*:*:*:*",
              "matchCriteriaId": "8233C3AB-470E-4D13-9BFD-C9E90918FD0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.2:r2:*:*:*:*:*:*",
              "matchCriteriaId": "7C71D2FA-B1A4-4004-807F-7B3BB347DF4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.2:r2-s1:*:*:*:*:*:*",
              "matchCriteriaId": "9E78E854-DDD3-4D1A-97AB-AEA70B9B811F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.3:-:*:*:*:*:*:*",
              "matchCriteriaId": "59006503-B2CA-4F79-AC13-7C5615A74CE5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.3:r1:*:*:*:*:*:*",
              "matchCriteriaId": "B8110DA9-54B1-43CF-AACB-76EABE0C9EF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.3:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "11B5CC5A-1959-4113-BFCF-E4BA63D918C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.3:r2:*:*:*:*:*:*",
              "matchCriteriaId": "33F08A33-EF80-4D86-9A9A-9DF147B9B6D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.3:r2-s1:*:*:*:*:*:*",
              "matchCriteriaId": "AF24ACBD-5F84-47B2-BFF3-E9A56666269C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.3:r2-s2:*:*:*:*:*:*",
              "matchCriteriaId": "3935A586-41BD-4FA5-9596-DED6F0864777",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.3:r2-s3:*:*:*:*:*:*",
              "matchCriteriaId": "B83FB539-BD7C-4BEE-9022-098F73902F38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.4:r1:*:*:*:*:*:*",
              "matchCriteriaId": "DC743EE4-8833-452A-94DB-655BF139F883",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.4:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "FE96A8EA-FFE3-4D8F-9266-21899149D634",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.4:r1-s2:*:*:*:*:*:*",
              "matchCriteriaId": "C12A75C6-2D00-4202-B861-00FF71585FA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.4:r2:*:*:*:*:*:*",
              "matchCriteriaId": "4DCFA774-96EF-4018-82CF-95C807025C24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:19.4:r2-s1:*:*:*:*:*:*",
              "matchCriteriaId": "76022948-4B07-43CB-824C-44E1AB3537CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "8328FDE6-9707-4142-B905-3B07C0E28E35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "41CD982F-E6F2-4951-9F96-A76C142DF08E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s2:*:*:*:*:*:*",
              "matchCriteriaId": "19FDC05F-5582-4F7E-B628-E58A3C0E7F2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s3:*:*:*:*:*:*",
              "matchCriteriaId": "401306D1-E9CE-49C6-8DC9-0E8747B9DC2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.1:r1-s4:*:*:*:*:*:*",
              "matchCriteriaId": "615EAF48-AD53-4CC2-B233-5EA5C0F72CB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.1:r2:*:*:*:*:*:*",
              "matchCriteriaId": "DC8E7547-6649-436D-BC45-184417680C72",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.1:r2-s1:*:*:*:*:*:*",
              "matchCriteriaId": "D9789FF8-D55C-4AF9-A250-E543A0EB826F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.1:r2-s2:*:*:*:*:*:*",
              "matchCriteriaId": "5C238EB1-5A38-4877-8849-4A6D36918B3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.2:r1:*:*:*:*:*:*",
              "matchCriteriaId": "CD07B7E2-F5C2-4610-9133-FDA9E66DFF4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.2:r2:*:*:*:*:*:*",
              "matchCriteriaId": "3332262F-81DA-4D78-99C9-514CADA46611",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.3:r1:*:*:*:*:*:*",
              "matchCriteriaId": "5C9BC697-C7C9-447D-9EBD-E9711462583E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.3:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "7B80433B-57B1-49EF-B1A1-83781D6102E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.4:r1:*:*:*:*:*:*",
              "matchCriteriaId": "20DDC6B7-BFC4-4F0B-8E68-442C23765BF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:20.4:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "037BA01C-3F5C-4503-A633-71765E9EF774",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.1:r1:*:*:*:*:*:*",
              "matchCriteriaId": "625BA7E6-D2AD-4A48-9B94-24328BE5B06A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos:21.1:r1-s1:*:*:*:*:*:*",
              "matchCriteriaId": "F462F4E3-762C-429F-8D25-5521100DD37C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A persistent cross-site scripting (XSS) vulnerability in the captive portal graphical user interface of Juniper Networks Junos OS may allow a remote authenticated user to inject web script or HTML and steal sensitive data and credentials from a web administration session, possibly tricking a follow-on administrative user to perform administrative actions on the device. This issue affects Juniper Networks Junos OS: All versions, including the following supported releases: 12.3X48 versions prior to 12.3X48-D105; 15.1X49 versions prior to 15.1X49-D220; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R3-S9; 19.1 versions prior to 19.1R3-S7; 19.2 versions prior to 19.2R3-S3; 19.3 versions prior to 19.3R3-S4; 19.4 versions prior to 19.4R3-S6; 20.1 versions prior to 20.1R3; 20.2 versions prior to 20.2R1-S1, 20.2R2; 20.3 versions prior to 20.3R2; 20.4 versions prior to 20.4R2; 21.1 versions prior to 21.1R2."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de tipo cross-site scripting (XSS) persistente en la interfaz gr\u00e1fica de usuario del portal cautivo de Juniper Networks Junos OS puede permitir que un usuario remoto autenticado inyecte script web o HTML y robe datos y credenciales confidenciales de una sesi\u00f3n de administraci\u00f3n web, posiblemente enga\u00f1ando a un usuario administrativo posterior para que lleve a cabo acciones administrativas en el dispositivo. Este problema afecta a Juniper Networks Junos OS: Todas las versiones, incluidas las siguientes versiones compatibles: versiones 12.3X48 anteriores a 12.3X48-D105; versiones 15.1X49 anteriores a 15.1X49-D220; versiones 18.3 anteriores a 18.3R3-S5; versiones 18.4 anteriores a 18.4R3-S9; versiones 19.1 anteriores a 19.1R3-S7; versiones 19.2 anteriores a 19.2R3-S3; versiones 19. 3 versiones anteriores a 19.3R3-S4; versiones 19.4 anteriores a 19.4R3-S6; versiones 20.1 anteriores a 20.1R3; versiones 20.2 anteriores a 20.2R1-S1, 20.2R2; versiones 20.3 anteriores a 20.3R2; versiones 20.4 anteriores a 20.4R2; versiones 21.1 anteriores a 21.1R2"
    }
  ],
  "id": "CVE-2021-31355",
  "lastModified": "2024-11-21T06:05:29.287",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 3.5,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.0,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.1,
        "impactScore": 5.9,
        "source": "sirt@juniper.net",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-10-19T19:15:08.837",
  "references": [
    {
      "source": "sirt@juniper.net",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://kb.juniper.net/JSA11220"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://kb.juniper.net/JSA11220"
    }
  ],
  "sourceIdentifier": "sirt@juniper.net",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "sirt@juniper.net",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.