Juniper: More than 30 security vulnerabilities patched

Juniper Networks has published a whole slew of security advisories and is organizing a kind of patch day. Patches belonging to the advisories seal more than 30 security gaps.

The list of current security bulletins from Juniper Networks includes several security bulletins relating to problems with the Border Gateway Protocol (BGP), for example. The effects range from denial of service situations to the execution of undermined commands or malicious code.

Junos OS: critical security vulnerability

One of the vulnerabilities in Junos OS is considered a critical risk. It affects the nginx open source software supplied. One of the nginx vulnerabilities has a CVSS score of 9.8, according to the authors of the Juniper warning. 13 other security bulletins deal with vulnerabilities that the manufacturer's developers classify as high risk.

IT managers with Juniper Networks hardware in their organization should check the list of security bulletins to see whether the devices or software versions used are affected by the vulnerabilities. In the individual bulletins, Juniper Networks lists the vulnerable versions and the version from which the security leaks have been plugged. Admins should download and install the associated updates quickly in order to reduce the attack surface in their networks. In some cases, Juniper also mentions temporary countermeasures in the security notifications, which help to reduce the risk if updates cannot be installed immediately.

The last time Juniper Networks published such a large chunk of security notices was in July, when there were 46 of them. The network division of Hewlett Packard Enterprise (HPE) also has a strong interest in Juniper Networks. The EU Commission did not raise any objections to a takeover by HPE and did not impose any conditions, although this would probably dethrone Cisco, the largest network supplier to date.

(dmk)