Juniper patches multiple vulnerabilities in Junos OS and other products (July 2021)

Juniper patches multiple vulnerabilities in Junos OS and other products (July 2021)

Juniper Networks has released security advisories to fix many vulnerabilities on Junos OS, EX4300, PTX Series, QFX Series, SRX Series network devices and multiple other products.

An attacker could exploit these vulnerabilities and potentially take over impacted systems.

The most recent Juniper security updates released April 14 address vulnerabilities in multiple products, such as:

  • CVE-2021-0290: Junos OS: MX Series, EX9200 Series, SRX4600: Ethernet interface vulnerable to specially crafted frames.
  • CVE-2021-0277: Junos OS and Junos OS Evolved: LLDP Out-of-Bounds Read vulnerability in l2cpd.
  • CVE-2017-1087: Junos OS: FreeBSD-SA-17:09.shm : POSIX shm allows jails to access global namespace.
  • CVE-2018-6925: Junos OS: FreeBSD-EN-18:11.listen: TCP during bind, listen or connect and UDP during bind may experience Denial of Service for IPv6 based sockets.
  • CVE-2019-8936: Junos OS Evolved: Authenticated denial of service in ntpd.
  • CVE-2021-0276: Steel-Belted Radius Carrier Edition: Remote code execution vulnerability when EAP Authentication is configured.
  • CVE-2021-0278: Junos OS: J-Web allows a locally authenticated attacker to escalate their privileges to root.
  • CVE-2021-0280: Junos OS: PTX Series and QFX10K Series: Upon receipt of specific packets BFD sessions might flap due to DDoS policer implementation in Packet Forwarding Engine.
  • CVE-2021-0279: Contrail Cloud: Hardcoded credentials for RabbitMQ service.
  • CVE-2021-0281: Junos OS and Junos OS Evolved: Specific packets can trigger rpd crash when BGP Origin Validation is configured with RPKI.
  • CVE-2021-0282: Junos OS: RPD crash while processing a specific BGP UPDATE when Multipath or add-path features are enabled.
  • CVE-2021-0285: Junos OS: QFX 5000 Series: Continuous traffic destined to a device configured with MC-LAG leading to nodes losing their control connection which can impact traffic.
  • CVE-2021-0286: Junos OS Evolved: Specially crafted packets may cause the AFT manager process to crash and restart.
  • CVE-2021-0287: Junos OS and Junos OS Evolved: RPD could crash in SR-ISIS/MPLS environment due to a flap of a ISIS link in the network.
  • CVE-2021-0288: Junos OS: MX Series, EX9200 Series: FPC may crash upon receipt of specific MPLS packet affecting Trio-based MPCs.

One of the notable updates addresses a Critical vulnerability CVE-2021-0276 in the Steel-Belted Radius (SBR) Carrier Edition products that could result in remote code execution.

“A stack-based Buffer Overflow vulnerability in Juniper Networks SBR Carrier with EAP (Extensible Authentication Protocol) authentication configured, allows an attacker sending specific packets causing the radius daemon to crash resulting with a Denial of Service (DoS) or leading to remote code execution (RCE). By continuously sending this specific packets, an attacker can repeatedly crash the radius daemon, causing a sustained Denial of Service (DoS),” Juniper wrote in the advisory.

The vulnerability has a CVSS score of 9.8.

Readers can check out the Juniper Security Advisories site for more details on these and more vulnerabilities that affect Juniper products.

Related Articles