Skip to main content

Juniper Junos OS Multiple Vulnerabilities

Last Update Date: 2 Nov 2020 Release Date: 30 Oct 2020 5416 Views

RISK: Medium Risk

TYPE: Operating Systems - Networks OS

TYPE: Networks OS

Multiple vulnerabilities were identified in Juniper Junos OS, a remote attacker could exploit some of these vulnerabilities to perform denial of service, remote code execution, cross-site scripting and bypass security restriction on the targeted system.

 

[Updated 2-Nov-2020] Note: Added a new CVE (CVE-2020-1685) and updated in the "System / Technologies Affected", "Vulnerability Identifier" and "Related Links" Section.


Impact

  • Cross-Site Scripting
  • Denial of Service
  • Remote Code Execution
  • Security Restriction Bypass

System / Technologies affected

Juniper Networks Junos OS

  • 12.3 versions prior to 12.3R12-S16
  • 12.3X48 versions prior to 12.3X48-D105
  • 15.1 versions prior to 15.1R7-S7
  • 15.1X49 versions prior to 15.1X49-D221, 15.1X49-D230
  • 15.1X53 versions prior to 15.1X53-D593
  • 16.1 versions prior to 16.1R7-S8
  • 17.2 versions prior to 17.2R3-S4
  • 17.2X75 versions prior to 17.2X75-D45
  • 17.3 versions prior to 17.3R3-S9
  • 17.4 versions prior to 17.4R2-S12, 17.4R3-S2, 17.4R3-S3
  • 18.1 versions prior to 18.1R3-S11
  • 18.2 versions prior to 18.2R2-S7, 18.2R3-S6
  • 18.2X75 versions prior to 18.2X75-D34, 18.2X75-D53, 18.2X75-D41, 18.2X75-D430, 18.2X75-D65
  • 18.3 versions prior to 18.3R1-S5, 18.3R2-S4, 18.3R3-S3
  • 18.4 versions prior to 18.4R1-S7, 18.4R2-S5, 18.4R3-S4
  • 19.1 versions prior to 19.1R1-S5, 19.1R2-S2, 19.1R3-S2
  • 19.2 versions prior to 19.2R1-S5, 19.2R3
  • 19.3 versions prior to 19.3R2-S5, 19.3R2-S4, 19.3R3
  • 19.4 versions prior to 19.4R1-S3, 19.4R2
  • 19.4 versions prior to 19.4R1-S3, 19.4R2-S2, 19.4R3
  • 19.4 versions prior to 19.4R2
  • 20.1 versions prior to 20.1R1-S4, 20.1R2

 

 

Juniper Networks Junos OS Evolved:

  • 19.4 versions
  • 20.1 versions prior to 20.1R1-S4-EVO, 20.1R2-EVO
  • 20.2 versions prior to 20.2R1-EVO

 


Solutions

Before installation of the software, please visit the vendor web-site for more details.

 


Vulnerability Identifier


Source


Related Link