Juniper Networks battles a swarm of bugs – Security


Juniper Networks has made public a number of vulnerabilities severe enough to attract the attention of the US Cybersecurity and Infrastructure Security Agency.

Of the 30 vulnerabilities disclosed this week, four are classified as critical and eight are classified as high severity.

The critical vulnerabilities affect the company’s Junos Space, Contrail Networking, and Northstar Controller products.

One of the critical bulletins covers multiple vulnerabilities in third-party products shipped with versions of Junos Space prior to 22.1R1.

Affected third-party products include nginx resolver, Oracle Java SE, OpenSSH, Samba, RPM package manager, Kerberos, OpenSSL, Linux kernel, curl, and MySQL Server.

Juniper Networks Contrail Networking must be upgraded to version 21.4.0, which moves the Red Hat Universal Base Image (UBI) container image from Red Hat Enterprise Linux 7 to Red Hat Enterprise Linux 8, addressing 23 vulnerabilities going back to 2013.

In another fix for third-party components, Junos Space Security Director Policy Enforcer has been upgraded to use CentOS 7.9, in version 22.1R1.

In CVE-2021-23017, the nginx load balancer shipped by Juniper with its Northstar controller has a remote code execution bug.

“An Off-by-one error vulnerability in the nginx resolver … allows an unauthenticated remote attacker capable of spoofing UDP packets from the DNS server to cause a 1-byte memory overwrite, resulting in a worker process crash or, potentially, execution of arbitrary code,” the notice states.

This vulnerability is corrected in version 1.20.1 of the Northstar controller.

A number of high severity bugs are also disclosed in Junos OS. The full list of vulnerabilities is available here.