SRX

Expand all | Collapse all

Php and junos

  • 1.  Php and junos

    Posted 06-12-2021 16:12
    Hello Team,

    We have several srx firewalls ( more than 100). Our vulnerability management team identified that mostly all the srx  running 15.x are vulnerable to old php version and advised us to upgrade. This is not easy and ofcourse time consuming

    My question is do php vulnerability come into picture if gui is not enabled ( j web) ?

    Or in any other way php can be triggered by attacker ?

    ------------------------------
    skywalker
    ------------------------------


  • 2.  RE: Php and junos

     
    Posted 06-13-2021 05:58
    You are correct, if you remove the enabled jweb from the configuration the expose is closed.

    ------------------------------
    Steve Puluka BSEET - Juniper Ambassador
    IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
    http://puluka.com/home
    ------------------------------