mickmick.net

Juniper Junos OS Multiple Vulnerabilities

Release Date: 13 May 2024

RISK: Medium Risk

TYPE: Operating Systems - Networks OS

Multiple vulnerabilities were identified in Juniper Junos OS. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution, sensitive information disclosure, data manipulation and security restriction bypass on the targeted system.

---

Impact

• Remote Code Execution
• Information Disclosure
• Security Restriction Bypass
• Data Manipulation

---

System / Technologies affected

• Junos OS versions greater than or equal to 19.4R1
• Junos OS Evolved versions greater than or equal to 22.3R1

Please refer to the link below for detail:

https://supportportal.juniper.net/s/article/2024-05-Reference-Advisory-Junos-OS-and-Junos-OS-Evolved-Multiple-CVEs-reported-in-OpenSSH?language=en_US

---

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Please refer to 2024-05 Security Bulletin.

• https://supportportal.juniper.net/s/article/2024-05-Reference-Advisory-Junos-OS-and-Junos-OS-Evolved-Multiple-CVEs-reported-in-OpenSSH?language=en_US

---

Vulnerability Identifier

• CVE-2018-15919
• CVE-2018-20685
• CVE-2019-6109
• CVE-2019-6110
• CVE-2019-6111
• CVE-2020-12062
• CVE-2020-14145
• CVE-2020-15778
• CVE-2021-41617
• CVE-2023-38408

---

Source

• Juniper Network

---

Related Link

• https://supportportal.juniper.net/s/article/2024-05-Reference-Advisory-Junos-OS-and-Junos-OS-Evolved-Multiple-CVEs-reported-in-OpenSSH?language=en_US