Security patches for critical flaws in the Junos Operating System and Contrail Networking have been posted by Juniper

Juniper Networks has distributed security patches to address a number of vulnerabilities that affect a variety of devices. Some of these vulnerabilities might be exploited by malicious actors to take control of the systems that are impacted.

Junos Operating System

The vulnerabilities that impact Junos Space and Contrail Networking are categorized as severe, and Juniper recommends that users update to versions 22.1R1 and 21.4.0, respectively, as soon as possible.

The Junos Space network management software has a total of 31 flaws, the most serious of which is CVE-2021-23017 (CVSS score: 9.4), which might cause affected devices to crash or potentially enable arbitrary code execution on them.

“A security problem in nginx resolver was detected,” the company warned in a statement. According to the information that has been disclosed, the flaw may allow an attacker who is able to spoof UDP packets from the DNS server to cause a 1-byte memory overwrite, resulting in a worker process crash or possibly other consequences.

Northstar Controller, in its versions 5.1.0 Service Pack 6 and 6.2.2, has also been patched to address the same security flaw.

In addition, the networking equipment manufacturer warned that CentOS 6.8, which was packaged with Junos Space Policy Enforcer prior to version 22.1R1, contained many known bugs. As a preventative measure, the CentOS release shipped with the Policy Enforcer component has since been updated to version 7.9.

Also included on the list are 166 security flaws that affect the company’s Contrail Networking product. These flaws are present in all versions of the software that were released before 21.4.0 and have been assigned a CVSS score of 10.0 as a group.

It was noted in an advisory that upgrading the Open Container Initiative (OCI)-compliant Red Hat Universal Base Image (UBI) container image from Red Hat Enterprise Linux 7 to Red Hat Enterprise Linux 8 resolved multiple vulnerabilities in third-party software used in Juniper Networks Contrail Networking.


About the author

Lidia Howler

Lidia is a web content creator with years of experience in the cyber-security sector. She helps readers with articles on malware removal and online security. Her focus on simplicity and well-researched information provides users with easy-to-follow IT-related tips and step-by-step tutorials.
