Juniper Security Updates – 11 January 2024

The addressed vulnerabilities could allow the attacker to obtain sensitive information, cause a denial of service attack, bypass security restrictions, gain elevated privileges, or execute arbitrary code and gain access to the affected products.

Sample of the addressed vulnerabilities:

1. Juniper Junos OS SRX Series and EX Series Remote Code Execution Vulnerability (CVE-2024-21591):

• CVSS: 9.8
• Attack Vector: Network
• Attack Complexity: Low
• Privileges Required: None
• User Interaction: None
• Consequences: Gain Access

2. Juniper Junos OS Evolved: ACX7024, ACX7100-32C and ACX7100-48L Denial of Service Vulnerability (CVE-2024-21602):

• CVSS: 7.5
• Attack Vector: Network
• Attack Complexity: Low
• Privileges Required: None
• User Interaction: None
• Consequences: Denial of Service