Juniper Networks Security Updates – 13 April 2023

The addressed vulnerabilities could allow the attacker to gain access, obtain sensitive information, bypass security restrictions, and cause a denial of service attack on the affected products.

Sample of the addressed vulnerabilities:

1. Juniper Networks Junos OS Denial of Service Vulnerability (CVE-2023-28976):

• CVSS: 8.6
• Attack Vector: Network
• Attack Complexity: Low
• Privileges Required: None
• User Interaction: None
• Consequences: Denial of Service

2. Juniper Networks Junos OS Evolved Security Bypass Vulnerability (CVE-2023-28960):

• CVSS: 8.2
• Attack Vector: Local
• Attack Complexity: Low
• Privileges Required: Low
• User Interaction: Required
• Consequences: Bypass Security

Sample of affected products:

• Junos OS QFX10000 Series.
• Junos OS PTX1000 Series.
• Junos OS ACX Series.
• Junos OS JRR200.