Unrated severityNVD Advisory· Published Oct 19, 2021· Updated Sep 16, 2024

Session Smart Router: Authentication Bypass Vulnerability

CVE-2021-31349

Description

The usage of an internal HTTP header created an authentication bypass vulnerability (CWE-287), allowing an attacker to view internal files, change settings, manipulate services and execute arbitrary code. This issue affects all Juniper Networks 128 Technology Session Smart Router versions prior to 4.5.11, and all versions of 5.0 up to and including 5.0.1.

Affected products

Juniper Networks/Session Smart Routerllm-create2 versions
<4.5.11, <=5.0.1+ 1 more
- (no CPE)range: <4.5.11, <=5.0.1
- (no CPE)range: unspecified

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

kb.juniper.net/JSA11256mitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000