shawnkhall on Nostr: #juniper has been exposing customer and device information for who knows how long -- ...
#juniper has been exposing customer and device information for who knows how long -- but the specific detail level would allow any user to gain sufficient sensitive information to be able to remotely exploit every single device that hasn't received updates but is still active. Just another "minor" bug in the management interface that can be exploited to gain control over every fortune 500 company. #hacking #oops
https://krebsonsecurity.com/2024/02/juniper-support-portal-exposed-customer-device-info/Published at
2024-02-12 06:48:42Event JSON
{
"id": "25d13825c2621b5b9b2f933c84a3ce551ee122d7dc6340090f58798508004cb4",
"pubkey": "3e629e68fcf644d3c51dd0951d9ec91b94f6ff0696fef7f22caafe2704198c6b",
"created_at": 1707720522,
"kind": 1,
"tags": [
[
"proxy",
"https://www.minds.com/api/activitypub/users/818634950805823501/entities/urn:activity:1603558942527459337",
"activitypub"
]
],
"content": "#juniper has been exposing customer and device information for who knows how long -- but the specific detail level would allow any user to gain sufficient sensitive information to be able to remotely exploit every single device that hasn't received updates but is still active. Just another \"minor\" bug in the management interface that can be exploited to gain control over every fortune 500 company. #hacking #oops \nhttps://krebsonsecurity.com/2024/02/juniper-support-portal-exposed-customer-device-info/\n",
"sig": "c6f690247d3821d354471244adca135b7040aadecd7fab6231e19c14a6f20b28f9c1ac72c0b42d6d24c984f9433791f2cae4f7ab54416b791e8225b5133549f7"
}