PT-2009-5779 · Juniper Networks · Junos

Published: 2009-09-30 · Updated: 2009-10-05 · CVE-2009-3486

CVSS v2.0: 3.5 (Low)

Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N
Name of the Vulnerable Software and Affected Versions: Juniper JUNOS version 8.5R1.14

Description: The issue affects the J-Web interface and allows remote authenticated users to inject arbitrary web script or HTML. Injection is possible through various parameters of different programs, including the host parameter of the pinghost and traceroute programs, the probe-limit parameter of the configuration program, and several other parameters in actions related to firewall filters, COS physical interfaces, SNMP, users, and local certificates. The estimated number of potentially affected devices and details of real-world incidents are not provided.

Recommendations: For Juniper JUNOS version 8.5R1.14, consider disabling access to the J-Web interface until a fix is available. Restrict the use of the diagnose program and the components reachable from it, such as the pinghost and traceroute programs. Avoid using the vulnerable parameters (host, probe-limit, wizard-ids, pager-new-identifier, cos-physical-interface-name, wizard-args, username, fullname, certname, and certbody) in their respective actions. Apply configuration changes that limit the risk of exploitation, such as restricting access to the configuration program and its related actions.
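The first two recommendations, disabling J-Web outright or limiting which hosts can reach it, can be expressed as Junos configuration. The following is an added example and is not part of this advisory or Juniper's own guidance. It assumes the management interface is fxp0.0, uses 192.0.2.0/24 (a constructed documentation prefix) to stand for the administrators' network, and picks PROTECT-RE and the term names arbitrarily; whether every statement is accepted unchanged by 8.5R1.14 should be confirmed with `commit check` before committing.

```text
## Option A: remove J-Web entirely until a fixed release is installed
delete system services web-management

## Option B: keep J-Web, but only on the management interface over HTTPS,
## and only from the administrators' prefix (192.0.2.0/24 is a constructed value)
set system services web-management https system-generated-certificate
set system services web-management https interface fxp0.0

## Filter applied to the loopback interface protects the Routing Engine,
## which is where J-Web (ports 80/443) is served from.
set firewall family inet filter PROTECT-RE term JWEB-ALLOW from source-address 192.0.2.0/24
set firewall family inet filter PROTECT-RE term JWEB-ALLOW from protocol tcp
set firewall family inet filter PROTECT-RE term JWEB-ALLOW from destination-port [ http https ]
set firewall family inet filter PROTECT-RE term JWEB-ALLOW then accept

set firewall family inet filter PROTECT-RE term JWEB-DENY from protocol tcp
set firewall family inet filter PROTECT-RE term JWEB-DENY from destination-port [ http https ]
set firewall family inet filter PROTECT-RE term JWEB-DENY then discard

## Everything else (routing protocols, SSH, SNMP) is left to existing policy;
## in a real deployment this final term is usually more specific than "accept".
set firewall family inet filter PROTECT-RE term DEFAULT then accept

set interfaces lo0 unit 0 family inet filter input PROTECT-RE

## Validate syntax without applying, then commit
commit check
```

Use one option or the other, not both. Option B narrows who can reach the interface, so only accounts logging in from the permitted prefix can trigger or be exposed to the injected script; it does not change the behaviour of the vulnerable parameters themselves, so it is a stopgap until a fixed Junos release is deployed.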

XSS


Weakness Enumeration

Related Identifiers: CVE-2009-3486

Affected Products: Junos