CVE-2013-4689

N/A Unknown
Published: October 17, 2013 Modified: April 29, 2026
View on NVD

Description

J-Web in Juniper Junos before 10.4R13, 11.4 before 11.4R7, 12.1R before 12.1R6, 12.1X44 before 12.1X44-D15, 12.1x45 before 12.1X45-D10, 12.2 before 12.2R3, 12.3 before 12.3R2, and 13.1 before 13.1R3 allow remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism and hijack the authentication of administrators for requests that (1) create new administrator accounts or (2) have other unspecified impacts.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10597
Source: cve@mitre.org
Vendor Advisory
http://osvdb.org/98325
Source: cve@mitre.org
http://secunia.com/advisories/55166
Source: cve@mitre.org
Vendor Advisory
http://www.securityfocus.com/bid/62940
Source: cve@mitre.org
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10597
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://osvdb.org/98325
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/55166
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.securityfocus.com/bid/62940
Source: af854a3a-2127-422b-91ae-364da2661108

8 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
0.1%
25th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-352

Affected Vendors

juniper

Related CVEs

CVE-2026-8108 7.8
CVE-2026-5371 7.1
CVE-2026-44548 8.1
CVE-2026-44547 9.6
CVE-2026-44352 N/A