
Cross-site Scripting (XSS) vulnerability in ScreenOS Software



Article ID: JSA10388
Category: Security Advisories
Last Updated: 09 May 2013
Version: 2.0
Product Affected:
NetScreen Hardware Security Client (HSC), NetScreen-5GT Series, NetScreen-25, NetScreen-50, NetScreen-200 Series, NetScreen-500, Integrated Security Gateway (ISG) 1000, ISG 1000-IDP, ISG 2000, ISG 2000-IDP, Secure Services Gateway (SSG) 5, SSG 20, SSG 140, SSG-320M, SSG-350M, SSG 500-Series, and NetScreen-5000 Series.

Juniper Firewall/IPSec VPN platforms that run ScreenOS software are protected against most XSS attacks. The WebUI event log view, however, was vulnerable to stored XSS: input supplied in a failed logon attempt was written to the event log and, because one type of encoding was not filtered, could be rendered as script when an administrator later viewed the log in the WebUI. Note that no valid credentials are needed to plant such an entry; any host that can reach the management interface can attempt a logon.

Juniper would like to thank Deral Heiland from Layered Defense Research for discovering and reporting this issue to Juniper's SIRT Team.


ScreenOS versions 5.4r10, 6.0r6, 6.1r2, and later revisions have been modified to eliminate this vulnerability.

Administrators can restrict administrative access in two ways in order to mitigate the attack:
1. enable the manager-ip feature to allow only specific hosts/subnets to manage the device
2. disable management on interfaces in untrusted zones to completely block any login attempts from those zones


Customers running a release of ScreenOS earlier than 5.4r10, or a revision earlier than those listed above, are strongly encouraged to upgrade their software to a fixed release/revision. A new ScreenOS 5.3 version is currently being built for customers running 5.3 who cannot upgrade to any of the versions listed above.

In order to configure manager-ip and disable management refer to ScreenOS Concepts and Examples Guide - Vol. 3 - Administration in ScreenOS Software Documentation.
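The following ScreenOS CLI session is an added illustration of both mitigations above; it is not part of the advisory. The interface name (ethernet0/0, assumed to be bound to the Untrust zone) and the management subnet/host addresses are assumptions for the example, and lines beginning with "#" are annotations, not ScreenOS syntax. Check the interface and zone names on your own device with `get interface` before applying anything.

```text
# Before: WebUI (HTTP and HTTPS) is enabled on the interface facing the Untrust
# zone and no manager-ip is set, so any host on the Internet can submit logon
# attempts and thereby write attacker-controlled text into the event log.
set interface ethernet0/0 zone untrust
set interface ethernet0/0 manage web
set interface ethernet0/0 manage ssl

# Mitigation 1: only these sources may reach any management service.
# (ScreenOS allows several manager-ip entries; a /32 mask pins a single host.)
set admin manager-ip 10.1.1.0 255.255.255.0
set admin manager-ip 10.1.1.250 255.255.255.255

# Mitigation 2: remove all management services from the Untrust-facing
# interface, so logon attempts from that zone are dropped before they are logged.
unset interface ethernet0/0 manage web
unset interface ethernet0/0 manage ssl
unset interface ethernet0/0 manage telnet
unset interface ethernet0/0 manage ssh

# Verify the result and commit it to flash.
get admin manager-ip
get interface ethernet0/0
save
```

Mitigation 1 on its own still lets a host inside the permitted range inject log entries, so it reduces rather than removes the exposure; mitigation 2 closes the Untrust-side attack surface entirely but leaves the underlying WebUI defect in place. Neither replaces upgrading to a fixed release.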

Severity Level: Low
Severity Assessment:
This is a low-risk vulnerability with a recommendation to upgrade as needed.
