Wednesday, January 31, 2024

Update Your Juniper! High-Risk Flaws Found in SRX and EX Series


Juniper Networks has taken swift action by releasing out-of-band updates to tackle high-severity vulnerabilities affecting SRX Series and EX Series devices. These vulnerabilities pose a significant risk, potentially allowing threat actors to gain control over vulnerable systems.


The vulnerabilities, identified as CVE-2024-21619 and CVE-2024-21620, are associated with the J-Web component and impact all versions of Junos OS. Juniper Networks had previously disclosed two other vulnerabilities, CVE-2023-36846 and CVE-2023-36851, in August 2023.


  • CVE-2024-21619 (CVSS score: 5.3): This vulnerability involves missing authentication, creating a potential risk of exposing sensitive configuration information.
  • CVE-2024-21620 (CVSS score: 8.8): This vulnerability is a cross-site scripting (XSS) flaw that could allow the execution of arbitrary commands with the permissions of the target through a specially crafted request.


The discovery and reporting of these issues are credited to the cybersecurity firm watchTowr Labs. Juniper Networks promptly addressed these vulnerabilities in the following versions:


  • CVE-2024-21619: Versions 20.4R3-S9, 21.2R3-S7, 21.3R3-S5, 21.4R3-S6, 22.1R3-S5, 22.2R3-S3, 22.3R3-S2, 22.4R3, 23.2R1-S2, 23.2R2, 23.4R1, and all subsequent releases.
  • CVE-2024-21620: Versions 20.4R3-S10, 21.2R3-S8, 21.4R3-S6, 22.1R3-S5, 22.2R3-S3, 22.3R3-S2, 22.4R3-S1, 23.2R2, 23.4R2, and all subsequent releases.


As an interim measure until the patches are applied, Juniper Networks recommends users disable J-Web or limit access to only trusted hosts.
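One way to express that interim mitigation in Junos configuration, as an added illustration that is not from the post or from Juniper's own advisory text: the trusted prefix 192.0.2.0/24 and the names protect-re and mgmt-trusted are placeholders to be replaced with your own.

```junos
## Option 1: disable J-Web entirely until the fixed release is installed
delete system services web-management
commit

## Option 2: keep J-Web but only answer trusted management hosts.
## A loopback (lo0) input filter screens traffic to the routing engine,
## so the final term must accept everything else or SSH, routing
## protocols and other management traffic would be blocked too.
set policy-options prefix-list mgmt-trusted 192.0.2.0/24   # placeholder prefix

## Term 1: J-Web (HTTP/HTTPS) from the trusted prefix list is allowed
set firewall family inet filter protect-re term allow-jweb-trusted from source-prefix-list mgmt-trusted
set firewall family inet filter protect-re term allow-jweb-trusted from protocol tcp
set firewall family inet filter protect-re term allow-jweb-trusted from destination-port [ http https ]
set firewall family inet filter protect-re term allow-jweb-trusted then accept

## Term 2: J-Web from anywhere else is silently dropped and counted
set firewall family inet filter protect-re term block-jweb from protocol tcp
set firewall family inet filter protect-re term block-jweb from destination-port [ http https ]
set firewall family inet filter protect-re term block-jweb then count jweb-blocked
set firewall family inet filter protect-re term block-jweb then discard

## Term 3: everything else (SSH, BGP, OSPF, NTP, ...) continues to work
set firewall family inet filter protect-re term allow-rest then accept

## Apply the filter to the loopback interface and commit
set interfaces lo0 unit 0 family inet filter input protect-re
commit

## Checks after commit: confirm the service state and watch the counter
show configuration system services web-management
show firewall filter protect-re
```

If the device already has a lo0 input filter, add the two J-Web terms ahead of its existing terms rather than replacing it, since term order decides which rule matches first.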


It's crucial to highlight that both CVE-2023-36846 and CVE-2023-36851 were included in the Known Exploited Vulnerabilities (KEV) catalog by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) in November 2023 due to evidence of active exploitation.


In a related development earlier this month, Juniper Networks issued fixes to address a critical vulnerability (CVE-2024-21591, CVSS score: 9.8) in the same products, capable of leading to denial-of-service (DoS) or remote code execution and granting root privileges on the affected devices.
