CVE-2024-21620

HIGH EXPLOITED

Juniper Junos OS Multiple Versions - Cross-Site Scripting via J-Web emit_debug_note Method

Title source: llm

Exploitation Summary

CVE-2024-21620 has been observed exploited in the wild (reported by VulnCheck KEV).

Description

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series allows an attacker to construct a URL that when visited by another user enables the attacker to execute commands with the target's permissions, including an administrator. A specific invocation of the emit_debug_note method in webauth_operation.php will echo back the data it receives. This issue affects Juniper Networks Junos OS on SRX Series and EX Series: * All versions earlier than 20.4R3-S10; * 21.2 versions earlier than 21.2R3-S8; * 21.4 versions earlier than 21.4R3-S6; * 22.1 versions earlier than 22.1R3-S5; * 22.2 versions earlier than 22.2R3-S3; * 22.3 versions earlier than 22.3R3-S2; * 22.4 versions earlier than 22.4R3-S1; * 23.2 versions earlier than 23.2R2; * 23.4 versions earlier than 23.4R2.

References (1)

Core 1

Core References

Vendor Advisory vendor-advisory

https://supportportal.juniper.net/JSA76390

Scores

CVSS v3 8.8

EPSS 0.0037

EPSS Percentile 58.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

VulnCheck KEV 2025-08-24

CWE

CWE-79

Status published

Products (4)

juniper/junos 20.4 (16 CPE variants)

juniper/junos 21.2 (15 CPE variants)

juniper/junos 21.4 (13 CPE variants)

juniper/junos 22.1 (6 CPE variants)

Published Jan 25, 2024

Tracked Since Feb 18, 2026