CVE-2023-36844

A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series allows an unauthenticated, network-based attacker to control certain, important environment variables.

Using a crafted request an attacker is able to modify

certain PHP environment variables leading to partial loss of integrity, which may allow chaining to other vulnerabilities. This issue affects Juniper Networks Junos OS on EX Series:

• All versions prior to 20.4R3-S9;
• 21.1 versions 21.1R1 and later;
• 21.2 versions prior to 21.2R3-S7;
• 21.3 versions

prior to

21.3R3-S5; * 21.4 versions

prior to

21.4R3-S5; * 22.1 versions

prior to

22.1R3-S4; * 22.2 versions

prior to

22.2R3-S2; * 22.3 versions

prior to 22.3R3-S1; * 22.4 versions

prior to

22.4R2-S2, 22.4R3; * 23.2 versions prior to

23.2R1-S1, 23.2R2.

Manipulating User-Controlled Variables (CAPEC-77)

This attack targets user controlled variables (DEBUG=1, PHP Globals, and So Forth). An adversary can override variables leveraging user-supplied, untrusted query variables directly used on the application server without any data sanitization. In extreme cases, the adversary can change variables controlling the business logic of the application. For instance, in languages like PHP, a number of poorly set default configurations may allow the user to override variables.

CVE.org

View more information about CVE-2023-36844 on the official MITRE CVE website.

NIST National Vulnerability Database

CVE-2023-36844 on the NIST NVD.

CISA Known Exploited Vulnerabilities

CISA KEV