The following information will assist in initial mitigation of the vulnerability scored as CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.
Please note that disabling the web interface will impact the functionality of SSL VPNs. If you are running an SSL VPN, additional steps may be required to maintain proper functionality of the SRX device.
First, log in to the firewall using your current credentials. In this example I will be using the root account.
Logging in with a root account will require you to access the CLI yourself; logging in with a user account will take you directly to the CLI.
Enter configuration (or edit) mode.
Delete the web management services with the command: delete system services web-management
Confirm your changes using the command: show | compare
Here you are looking to make sure that all changes appear under the edit system services header and belong to web-management.
Commit your changes and exit configuration mode using: commit and-quit
Once the firewall has exited configuration mode, the changes are complete, and browsing to the IP address of your J-Web interface will now time out.
Disabling this interface removes the attack vector for certain CVEs, allowing time to plan additional long-term mitigations without incurring unnecessary downtime.
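An added example (not part of the original procedure) that automates the show | compare check: it parses the diff text and reports any change outside system services web-management, such as another administrator's uncommitted edit in the shared candidate configuration. The function name review_compare and both sample outputs are constructed for illustration.

```python
import re

# The only path the page's `delete system services web-management` should touch.
ALLOWED = ("system", "services", "web-management")

def review_compare(output):
    """Parse `show | compare` text; return (web_mgmt_removed, unexpected_paths)."""
    header, stack = [], []          # [edit ...] path, and blocks opened below it
    removed, unexpected = False, []
    for raw in output.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = re.fullmatch(r"\[edit(.*)\]", line)
        if m:                       # a new hierarchy header resets the nesting
            header, stack = m.group(1).split(), []
            continue
        changed = line[0] in "+-!"  # diff markers; anything else is context
        body = line[1:].strip() if changed else line
        if body == "}":
            if stack:
                stack.pop()
            continue
        tokens = body.rstrip("{;").split()
        path = header + [t for blk in stack for t in blk] + tokens
        if changed:
            if tuple(path[:3]) != ALLOWED:
                unexpected.append(" ".join(path))
            elif line[0] == "-":
                removed = True
        if body.endswith("{"):
            stack.append(tokens)
    return removed, unexpected

# Constructed sample outputs, not captured from a real device.
CLEAN = """\
[edit system services]
-    web-management {
-        https {
-            system-generated-certificate;
-        }
-    }
"""
# Same change plus an unrelated edit left in the shared candidate config.
DIRTY = CLEAN + """\
[edit security zones security-zone untrust host-inbound-traffic system-services]
+    ssh;
"""

if __name__ == "__main__":
    for name, text in (("clean", CLEAN), ("dirty", DIRTY)):
        print(name, review_compare(text))
```

Commit only when the first value is True and the list of unexpected paths is empty.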