#VU93506 Authentication bypass using an alternate path or channel in Juniper Networks, Inc. products - CVE-2024-2973

Cybersecurity Help s.r.o.

Published: 2024-07-01

Vulnerability identifier: #VU93506

Vulnerability risk: Critical

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Red]

CVE-ID: CVE-2024-2973

CWE-ID: CWE-288

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Session Smart Router
Server applications / Other server solutions
Session Smart Conductor
Hardware solutions / Routers & switches, VoIP, GSM, etc
WAN Assurance Router
Hardware solutions / Routers & switches, VoIP, GSM, etc

Vendor: Juniper Networks, Inc.

Description

The vulnerability allows a remote attacker to compromise the affected device.

The vulnerability exists due to missing authentication checks when running with a redundant peer. A remote non-authenticated attacker can bypass authentication and take full control over the affected device.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Session Smart Router: before 5.6.15

Session Smart Conductor: before 5.6.15

WAN Assurance Router: before 6.1.9

External links
https://supportportal.juniper.net/s/article/2024-06-Out-Of-Cycle-Security-Bulletin-Session-Smart-Router-SSR-On-redundant-router-deployments-API-authentication-can-be-bypassed-CVE-2024-2973?language=en_US

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Authentication bypass in Juniper Session Smart Router