Juniper Junos OS Multiple Vulnerabilities
Release Date: 10 Jan 2025
RISK: Medium Risk
TYPE: Operating Systems - Networks OS
Multiple vulnerabilities were identified in Juniper Junos OS. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, sensitive information disclosure, remote code execution, elevation of privilege and security restriction bypass on the targeted system.
Impact
- Denial of Service
- Information Disclosure
- Security Restriction Bypass
- Remote Code Execution
- Elevation of Privilege
System / Technologies affected
- Junos OS
- Junos OS Evolved
Please refer to the link below for detail:
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Please refer to 2025-01 Security Bulletin.
Vulnerability Identifier
- CVE-2016-2183
- CVE-2020-11022
- CVE-2022-24805
- CVE-2022-24806
- CVE-2022-24807
- CVE-2022-24808
- CVE-2022-24809
- CVE-2022-24810
- CVE-2023-3019
- CVE-2023-3255
- CVE-2023-4408
- CVE-2023-5088
- CVE-2023-5517
- CVE-2023-5679
- CVE-2023-6240
- CVE-2023-6516
- CVE-2023-6683
- CVE-2023-7008
- CVE-2023-42467
- CVE-2023-50387
- CVE-2023-50868
- CVE-2023-52463
- CVE-2023-52801
- CVE-2024-1488
- CVE-2024-6119
- CVE-2024-25742
- CVE-2024-25743
- CVE-2024-26629
- CVE-2024-26630
- CVE-2024-26720
- CVE-2024-26886
- CVE-2024-26946
- CVE-2024-28834
- CVE-2024-28835
- CVE-2024-32462
- CVE-2024-35791
- CVE-2024-35797
- CVE-2024-35875
- CVE-2024-36000
- CVE-2024-36019
- CVE-2024-36883
- CVE-2024-36979
- CVE-2024-38559
- CVE-2024-38619
- CVE-2024-39532
- CVE-2024-40927
- CVE-2024-40936
- CVE-2024-41040
- CVE-2024-41044
- CVE-2024-41055
- CVE-2024-41073
- CVE-2024-41096
- CVE-2024-42082
- CVE-2024-42096
- CVE-2024-42102
- CVE-2024-42131
- CVE-2024-45490
- CVE-2024-45491
- CVE-2024-45492
- CVE-2025-21592
- CVE-2025-21593
- CVE-2025-21596
- CVE-2025-21598
- CVE-2025-21599
- CVE-2025-21600
- CVE-2025-21602
Source
Related Link
- https://supportportal.juniper.net/s/article/2025-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-On-SRv6-enabled-devices-an-attacker-sending-a-malformed-BGP-update-can-cause-the-rpd-to-crash-CVE-2025-21593?language=en_US
- https://supportportal.juniper.net/s/article/2025-01-Security-Bulletin-Junos-OS-SRX-Series-Low-privileged-user-able-to-access-highly-sensitive-information-on-file-system-CVE-2025-21592?language=en_US
- https://supportportal.juniper.net/s/article/2025-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Receipt-of-specially-crafted-BGP-update-packet-causes-RPD-crash-CVE-2025-21602?language=en_US
- https://supportportal.juniper.net/s/article/2025-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-With-certain-BGP-options-enabled-receipt-of-specifically-malformed-BGP-update-causes-RPD-crash-CVE-2025-21600?language=en_US
- https://supportportal.juniper.net/s/article/2025-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-When-BGP-traceoptions-are-configured-receipt-of-malformed-BGP-packets-causes-RPD-to-crash-CVE-2025-21598?language=en_US
- https://supportportal.juniper.net/s/article/2025-01-Security-Bulletin-Junos-OS-SRX1500-SRX4100-SRX4200-Execution-of-low-privileged-CLI-command-results-in-chassisd-crash-CVE-2025-21596?language=en_US
- https://supportportal.juniper.net/s/article/2025-01-Security-Bulletin-Junos-Space-Multiple-vulnerabilities-resolved-in-24-1R2-release?language=en_US
- https://supportportal.juniper.net/s/article/2025-01-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Multiple-vulnerabilities-resolved-in-OpenSSH?language=en_US
- https://supportportal.juniper.net/s/article/2025-01-Security-Bulletin-Junos-OS-Evolved-Receipt-of-specifically-malformed-IPv6-packets-causes-kernel-memory-exhaustion-leading-to-Denial-of-Service-CVE-2025-21599?language=en_US
沒有留言:
發佈留言