Juniper Networks patches dozens of vulnerabilities

News by Doug Olenick

Juniper has patched vulnerabilities across several product lines; Says there is no evidence of these issues being exploited

Juniper Networks has issued 11 security alerts, two critical, five high and four medium, for a large number of vulnerabilities across several product lines.

The critical issues cover Steel Belted Radius Carrier Edition and Junos Space. The former product contains 21 CVEs and affects Steel Belted Radius Carrier Edition 8.4R14 on RHEL6 (32-bit), RHEL6 (64-bit), RHEL7, Sparc Solaris (32-bit), Sparc Solaris (64-bit) and 8.5R5 on RHEL6 (64-bit), RHEL7, Sparc Solaris (64-bit) and all subsequent releases, Juniper said. Patches and updates correcting the issues are available and there is no evidence of these issues being exploited.

Junos Space 19.2R1 and all subsequent releases are covered by 15 CVEs all of which have been mitigated with patches available here. The company also recommends that to reduce the risk of exploitation of these issues, use access lists or firewall filters to limit access to Junos Space to only trusted administrative networks, hosts and users.

The five high-rated alerts are for Juniper Secure Analytics, Junos OS, Junos OS with J-Web enabled and SRX Series platforms running Junos OS. Some of the problems that can arise if the associated vulnerabilities are exploited include a denial of service situation, stack-base overflow, causing the local routing protocol daemon process to crash and restart and processor crash.

Links to the updates and patches for the high and medium patches can be found here.

This article was originally published on SC Media US.

Security Patching

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews