- 166/2023
- High
Juniper has released security updates to fix multiple vulnerabilities across multiple products.
The addressed vulnerabilities could allow the attacker to obtain sensitive information, perform denial of service, execute arbitrary code, and gain access to the affected products.
Sample of the addressed vulnerabilities:
Juniper Networks Junos OS Denial of Service Vulnerability (CVE-2023-36832):
- CVSS: 7.5
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Consequences: Denial of Service
Sample of the affected products:
- Juniper Networks Junos OS versions 19.4, 20.1, 20.2, 20.3, 20.4, 21.1, 21.2, 21.3, 21.4, 22.1, 22.2, 22.3.
- Juniper Networks Junos OS Evolved any versions before 21.2R3-S5-EVO, 21.3, 21.4, 22.1, 22.2, 22.3, 22.4.
- Juniper Networks MX Series.
- Juniper Networks SRX Series.
Vulnerabilities
Mitigations
The enterprise should deploy this patch as soon as the testing phase is completed.