Juniper Networks: 46 security alerts published
Juniper Networks has published 46 security bulletins for its regular update day. Admins should install the updates quickly.
Vulnerabilities threaten appliances.
(Image: Bild erstellt mit KI in Bing Designer durch heise online / dmk)
Juniper Networks has published the planned July updates to close security gaps. A total of 46 security warnings have been issued. IT managers should bring their Juniper devices up to date quickly.
Admins of Juniper Networks appliances should go through the first five pages of the security bulletins and check whether the devices they use are included. The probability is high that there are security vulnerabilities in Junos OS, Junos OS Evolved, in the BBE Cloud Setup and in various series such as QFX5000, EX4600, ACX7000 and the SRX, EX and MX series.
Various types of security vulnerabilities
The severity of the security vulnerabilities varies. There are security-related errors in the software that allow attackers to extend rights to root access, for example. There are also denial-of-service vulnerabilities or vulnerabilities that allow unauthorized access to data.
In the individual security reports, administrators can find the severity of the vulnerability according to CVSS – both according to standard 3.1 and CVSS 4.0. The affected versions of the software, in some cases also temporary countermeasures and the software versions that plug the security leak.
Vulnerabilities in Junos Space are considered critical. As many as 18 of the security notifications deal with vulnerabilities that have been classified as high risk. IT managers should therefore apply the updates or, if not yet possible, the workarounds without delay.
In the past two weeks, Juniper Networks has released two unplanned emergency updates. One closed a critical gap in Session Smart Routers that allowed attackers to take over. The other closed a DoS gap in the Juniper OS of SRX devices that was classified as high-risk.
(dmk)