PT-2009-5780 · Juniper Networks · Junos

Published: 2009-09-30 · Updated: 2009-10-02 · CVE-2009-3487

CVSS v2.0: 3.5 (Low)
Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N
Name of the Vulnerable Software and Affected Versions
Juniper JUNOS version 8.5R1.14

Description
The issue affects the J-Web interface, allowing remote authenticated users to inject arbitrary web script or HTML. This can be achieved through various parameters, including the JEXEC OUTID parameter in a JEXEC MODE RELAY OUTPUT action to the jexec program; the act, refresh-time, or ifid parameters to scripter.php; the revision parameter in a rollback action to the configuration program; the m[] parameter to several programs; the wizard-next parameter in an https action to the configuration program; or specific SNMP parameters such as Contact Information, System Description, Local Engine ID, System Location, or System Name Override, all related to the configuration program.

Recommendations
For Juniper JUNOS version 8.5R1.14, consider disabling access to the J-Web interface until a patch is available. Restrict the use of the jexec program and access to scripter.php to minimize the risk of exploitation. Avoid using the vulnerable parameters, such as JEXEC OUTID, act, refresh-time, ifid, revision, m[], wizard-next, and the specific SNMP parameters listed above, in the affected programs until the issue is resolved.

Weakness Enumeration

XSS

Related Identifiers

CVE-2009-3487

Affected Products

Junos