Juniper Junos J-Web CSRF Protection Bypass (JSA10597)
High Nessus Plugin ID 70475
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionAccording to its self-reported version number, the remote Juniper Junos device has a cross-site request forgery (XSRF) vulnerability in J-Web. Successful exploitation of this issue could allow an attacker to take complete control of the device.
SolutionApply the relevant Junos software release referenced in Juniper advisory JSA10597.