SRC Series: A remote attacker sending a specially crafted query may cause the web server to delete files
CVE-2021-31381

6.5MEDIUM

Key Information:

Vendor: Juniper Networks
Status: Src Series
Vendor: CVE Published:; 19 October 2021

Badges

👾 Exploit Exists

Summary

A configuration weakness in the JBoss Application Server (AppSvr) component of Juniper Networks SRC Series allows a remote attacker to send a specially crafted query to cause the web server to delete files which may allow the attacker to disrupt the integrity and availability of the system.

Affected Version(s)

SRC Series < 4.12.0R5

SRC Series 4.13.0 < 4.13.0R3

References

https://kb.juniper.net/JSA11248

x_refsource_CONFIRM

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

👾
Exploit known to exist
Sep 16, 2024
Vulnerability published
Oct 19, 2021
Vulnerability Reserved
Apr 15, 2021