Juniper Networks has released security advisories to fix many vulnerabilities on Junos OS, EX4300, PTX Series, QFX Series, SRX Series network devices and multiple other products.
The most recent Juniper security updates released April 16 address the following two Medium rated vulnerabilities:
- CVE-2021-0242: Junos OS EX4300: FPC crash upon receipt of specific frames on an interface without L2PT or dot1x configured.
- CVE-2021-0258: Junos OS Kernel panic upon receipt of specific TCPv6 packet on management interface.
Juniper described the TCPv6 vulnerability CVE-2021-0258 in the advisory:
“A vulnerability in the forwarding of transit TCPv6 packets received on the Ethernet management interface of Juniper Networks Junos OS allows an attacker to trigger a kernel panic, leading to a Denial of Service (DoS). Continued receipt and processing of these transit packets will create a sustained Denial of Service (DoS) condition. This issue only occurs when TCPv6 packets are routed through the management interface. Other transit traffic, and traffic destined to the management interface, are unaffected by this vulnerability.”
This flaw was introduced as part of a TCP Parallelization feature Juniper added in Junos OS 17.2. However, the issue does not affect Juniper Networks Junos OS versions prior to 17.2R1.
Moreover, Juniper also released multiple other patches as summarized below:
- CVE-2021-0247: Junos OS PTX Series, QFX Series: Due to a race condition input loopback firewall filters applied to interfaces may not operate even when listed in the running configuration.
- CVE-2021-0270: Junos OS PTX Series, QFX10K Series: A PTX/QFX FPC may restart unexpectedly with the “inline-Jflow” feature enabled on a large-scale deployment.
- CVE-2021-0214: Junos OS: Denial of Service in ppmd upon receipt of malformed packet.
- CVE-2021-0257: Junos OS MX Series, EX9200 Series: Trio-based MPCs memory leak in VPLS with integrated routing and bridging (IRB) interface.
- CVE-2021-0248: NFX Series: Hard-coded credentials allows an attacker to take control of any instance through administrative interfaces.
Of special note, the hard-coded credential vulnerability CVE-2021-0248 is rated Critical and has a CVSS score of 10.0, the most severe possible.
“On NFX Series devices the use of Hard-coded Credentials in Juniper Networks Junos OS allows an attacker to take over any instance of an NFX deployment,” Juniper warned in the advisory.
Juniper also added the company is not aware of any malicious exploitation of this vulnerability at the time of publication.
Moreover, many other advisories were also released to fix vulnerabilities in SRX and other network products. Readers can check out Juniper’s Security Advisories page for more details.