Juniper Networks: Numerous security updates for various products
Juniper Networks has released security updates for numerous products. IT admins should apply them quickly.
(Image: vchal/Shutterstock.com)
Network equipment supplier Juniper Networks has released security updates for numerous products. Some of these address vulnerabilities classified as critical.
A total of 26 new entries regarding security updates from Wednesday of this week can be found in the Juniper Support Portal. Particularly severe are, for example, security vulnerabilities in Junos Space, which achieve a CVSS score of 9.8, thus indicating a risk of “critical.” The situation is similar for Juniper's Policy Enforcer, which the manufacturer also classifies as “critical” with a CVSS score of 9.8. Numerous vulnerabilities in Junos OS and Junos OS Evolved from various Juniper appliances narrowly miss being classified as critical risks. However, they still achieve CVSS4 scores of 8.7, placing them at the risk level of “high.”
Videos by heise
The vulnerabilities allow attackers, for example, to crash services or trigger reboots, thereby enabling denial-of-service attacks. Some vulnerabilities lead to information disclosure.
Admins should take action
Listing all individual security advisories would go beyond the scope of this report. Therefore, IT managers are advised to review the linked overview of security updates. If they are using devices listed as vulnerable there, they should download and apply the updates or, if necessary, initiate available temporary countermeasures.
Most recently, Juniper released a whole batch of security advisories, particularly in October.
(dmk)
