Back to search
CVE-2013-4689
Published: Oct 17, 2013
Modified: Sep 16, 2024
PUBLISHED
Description
J-Web in Juniper Junos before 10.4R13, 11.4 before 11.4R7, 12.1R before 12.1R6, 12.1X44 before 12.1X44-D15, 12.1x45 before 12.1X45-D10, 12.2 before 12.2R3, 12.3 before 12.3R2, and 13.1 before 13.1R3 allow remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism and hijack the authentication of administrators for requests that (1) create new administrator accounts or (2) have other unspecified impacts.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
62940
vdb-entry
x_refsource_BID
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10597
x_refsource_CONFIRM
55166
third-party-advisory
x_refsource_SECUNIA
98325
vdb-entry
x_refsource_OSVDB
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now