Security News > 2022 > July > Juniper Releases Patches for Critical Flaws in Junos OS and Contrail Networking

Juniper Releases Patches for Critical Flaws in Junos OS and Contrail Networking
2022-07-19 01:28

Juniper Networks has pushed security updates to address several vulnerabilities affecting multiple products, some of which could be exploited to seize control of affected systems.

The most critical of the flaws affect Junos Space and Contrail Networking, with the tech company urging customers to release versions 22.1R1 and 21.4.0, respectively.

Chief among them is a collection of 31 bugs in the Junos Space network management software, including CVE-2021-23017 that could result in a crash of vulnerable devices or even achieve arbitrary code execution.

The networking equipment maker cautioned of multiple known issues exist in CentOS 6.8 that's shipped with Junos Space Policy Enforcer before version 22.1R1. As mitigations, the version of CentOS packed with the Policy Enforcer component has been upgraded to 7.9.

Also listed are 166 security vulnerabilities impacting its Contrail Networking product that impact all versions prior to 21.4.0 and have been collectively given the maximum CVSS score of 10.0.

"Multiple vulnerabilities in third party software used in Juniper Networks Contrail Networking have been resolved in release 21.4.0 by upgrading the Open Container Initiative-compliant Red Hat Universal Base Image container image from Red Hat Enterprise Linux 7 to Red Hat Enterprise Linux 8," it noted in an advisory.


News URL

https://thehackernews.com/2022/07/juniper-releases-patches-for-critical.html

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Juniper 27 0 227 223 49 499