- 258/2023
- High
Juniper has released security updates to fix multiple vulnerabilities across multiple products.
The addressed vulnerabilities could allow the attacker to gain access, obtain sensitive information, gain elevated privileges, and cause a denial of service attack on the affected products.
Sample of the addressed vulnerabilities:
1. Juniper Networks Junos OS Privilege Escalation (CVE-2023-44194):
- CVSS: 8.4
- Attack Vector: Local
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Consequences: Gain Privileges
2. Juniper Networks Junos OS Denial of Service (CVE-2023-44185):
- CVSS: 7.5
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Consequences: Denial of Service
Vulnerabilities
Mitigations
The enterprise should deploy this patch as soon as the testing phase is completed.