Juniper Junos OS Multiple Vulnerabilities
Last Update Date:
2 Nov 2020
Release Date:
30 Oct 2020
5409
Views
RISK: Medium Risk
TYPE: Operating Systems - Networks OS
Multiple vulnerabilities were identified in Juniper Junos OS, a remote attacker could exploit some of these vulnerabilities to perform denial of service, remote code execution, cross-site scripting and bypass security restriction on the targeted system.
[Updated 2-Nov-2020] Note: Added a new CVE (CVE-2020-1685) and updated in the "System / Technologies Affected", "Vulnerability Identifier" and "Related Links" Section.
Impact
- Cross-Site Scripting
- Denial of Service
- Remote Code Execution
- Security Restriction Bypass
System / Technologies affected
Juniper Networks Junos OS
- 12.3 versions prior to 12.3R12-S16
- 12.3X48 versions prior to 12.3X48-D105
- 15.1 versions prior to 15.1R7-S7
- 15.1X49 versions prior to 15.1X49-D221, 15.1X49-D230
- 15.1X53 versions prior to 15.1X53-D593
- 16.1 versions prior to 16.1R7-S8
- 17.2 versions prior to 17.2R3-S4
- 17.2X75 versions prior to 17.2X75-D45
- 17.3 versions prior to 17.3R3-S9
- 17.4 versions prior to 17.4R2-S12, 17.4R3-S2, 17.4R3-S3
- 18.1 versions prior to 18.1R3-S11
- 18.2 versions prior to 18.2R2-S7, 18.2R3-S6
- 18.2X75 versions prior to 18.2X75-D34, 18.2X75-D53, 18.2X75-D41, 18.2X75-D430, 18.2X75-D65
- 18.3 versions prior to 18.3R1-S5, 18.3R2-S4, 18.3R3-S3
- 18.4 versions prior to 18.4R1-S7, 18.4R2-S5, 18.4R3-S4
- 19.1 versions prior to 19.1R1-S5, 19.1R2-S2, 19.1R3-S2
- 19.2 versions prior to 19.2R1-S5, 19.2R3
- 19.3 versions prior to 19.3R2-S5, 19.3R2-S4, 19.3R3
- 19.4 versions prior to 19.4R1-S3, 19.4R2
- 19.4 versions prior to 19.4R1-S3, 19.4R2-S2, 19.4R3
- 19.4 versions prior to 19.4R2
- 20.1 versions prior to 20.1R1-S4, 20.1R2
Juniper Networks Junos OS Evolved:
- 19.4 versions
- 20.1 versions prior to 20.1R1-S4-EVO, 20.1R2-EVO
- 20.2 versions prior to 20.2R1-EVO
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- Apply fixes issued by the vendor. For detail, please refer to the link below:
https://kb.juniper.net/InfoCenter/index?page=content
Vulnerability Identifier
- CVE-2020-1671
- CVE-2020-1674
- CVE-2020-1685
- CVE-2019-16168
- CVE-2019-9937
- CVE-2019-9936
- CVE-2019-8457
- CVE-2019-5018
- CVE-2018-20506
- CVE-2018-20505
- CVE-2018-20346
- CVE-2018-8740
- CVE-2017-15286
- CVE-2017-13685
- CVE-2017-10989
- CVE-2016-6153
- CVE-2015-6607
- CVE-2015-5895
- CVE-2015-3717
- CVE-2015-3416
- CVE-2015-3415
- CVE-2015-3414
- CVE-2013-7443
- CVE-2008-6593
- CVE-2008-6592
- CVE-2008-6590
- CVE-2008-6589
Source
Related Link
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11075
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11077
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11070
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11057
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11067
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11082
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11081
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11080
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11069
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11055
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11068
- https://www.auscert.org.au/bulletins/ESB-2020.3730/
- https://www.auscert.org.au/bulletins/ESB-2020.3731/
- https://www.auscert.org.au/bulletins/ESB-2020.3750/
- https://www.auscert.org.au/bulletins/ESB-2020.3746/
- https://www.auscert.org.au/bulletins/ESB-2020.3747/
- https://www.auscert.org.au/bulletins/ESB-2020.3738/
- https://www.auscert.org.au/bulletins/ESB-2020.3737/
- https://www.auscert.org.au/bulletins/ESB-2020.3736/
- https://www.auscert.org.au/bulletins/ESB-2020.3749/
- https://www.auscert.org.au/bulletins/ESB-2020.3573.2/
- https://www.auscert.org.au/bulletins/ESB-2020.3748/
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11082
- https://www.auscert.org.au/bulletins/ESB-2020.3738.2/
Share with