This community is currently under full moderation, meaning  all posts will be reviewed before appearing in the community. Please expect a brief delay—there is no need to post multiple times. If your post is rejected, you'll receive an email outlining the reason(s). We've implemented full moderation to control spam. Thank you for your patience and participation.

Expand all | Collapse all

Php and junos

  • 1.  Php and junos

    Posted 06-12-2021 16:12
    Hello Team,

    We have several srx firewalls ( more than 100). Our vulnerability management team identified that mostly all the srx  running 15.x are vulnerable to old php version and advised us to upgrade. This is not easy and ofcourse time consuming

    My question is do php vulnerability come into picture if gui is not enabled ( j web) ?

    Or in any other way php can be triggered by attacker ?


  • 2.  RE: Php and junos

    Posted 06-13-2021 05:58
    You are correct, if you remove the enabled jweb from the configuration the expose is closed.

    Steve Puluka BSEET - Juniper Ambassador
    IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)