Juniper Junos OS Multiple Vulnerabilities
Release Date: 14 July 2023
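Risk: Medium Risk
Type: Operating Systems - Network
Multiple vulnerabilities were identified in Juniper Junos OS. A remote attacker could exploit these vulnerabilities to trigger a denial of service condition, remote code execution, elevation of privilege, spoofing and security restriction bypass on the targeted system.
Impact
- Denial of Service
- Security Restriction Bypass
- Elevation of Privilege
- Remote Code Execution
- Spoofing
Systems or Technologies Affected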
Juniper Networks Junos OS
- All versions prior to 19.3R3-S7;
- All versions prior to 19.1R3-S10;
- 19.2 versions prior to 19.2R3-S7;
- 19.3 versions prior to 19.3R3-S8;
- 19.4 version 19.4R3-S5 and later versions prior to 19.4R3-S9, 19.4R3-S10, 19.4R3-S11;
- 20.1 versions prior to 20.1R3-S4;
- 20.1 version 20.1R1, 20.1R2 and later versions;
- 20.2 versions prior to 20.2R3-S6, 20.2R3-S7;
- 20.3 versions prior to 20.3R3-S5, 20.3R3-S6;
- 20.4 versions prior to 20.4R3-S5, 20.4R3-S6, 20.4R3-S7;
- 21.1 versions prior to 21.2R3-S2, 21.1R3-S4;
- 21.2 versions prior to 21.2R3-S2, 21.2R3-S3, 21.2R3-S5;
- 21.3 versions prior to 21.3R3-S2, 21.3R3-S4;
- 21.4 versions prior to 21.4R3, 21.4R3-S4;
- 22.1 versions prior to 22.1R1-S2, 22.1R2, 22.1R3;
- 22.2 versions prior to 22.2R2-S1, 22.2R2, 22.2R3;
- 22.3 versions prior to 22.3R2.
Juniper Networks Junos OS Evolved
- All versions prior to 20.4R3-S6-EVO;
- All versions prior to 20.4R3-S7-EVO;
- All versions prior to 21.2R3-S5-EVO;
- All versions prior to 23.2R;
- 21.1 versions;
- 21.2 versions;
- 21.3 versions;
- 21.3 versions prior to 21.3R3-S1-EVO, 21.3R3-S4-EVO;
- 21.4 versions prior to 21.4R3-EVO, 21.4R3-S2-EVO, 21.4R3-S4-EVO;
- 22.1 versions prior to 22.1R3-EVO, 22.1R3-S3-EVO;
- 22.2 versions prior to 22.2R2-S1-EVO, 22.2R2-EVO, 22.2R3-EVO;
- 22.3 versions prior to 22.3R2-EVO;
- 22.4 versions prior to 22.4R2-EVO.
Juniper Networks Junos OS on MX Series
- All versions prior to 19.1R3-S10;
- 19.2 versions prior to 19.2R3-S7;
- 19.3 versions prior to 19.3R3-S8;
- 19.4 versions prior to 19.4R3-S12;
- 20.1 version 20.1R1 and later versions;
- 20.2 versions prior to 20.2R3-S7, 20.2R3-S8;
- 20.3 version 20.3R1 and later versions;
- 20.4 versions prior to 20.4R3-S7;
- 21.1 versions prior to 21.1R3-S5;
- 21.2 versions prior to 21.2R3-S5;
- 21.3 versions prior to 21.3R3-S4;
- 21.4 versions prior to 21.4R3-S3, 21.4R3-S4;
- 22.1 versions prior to 22.1R3-S2, 22.1R3-S3;
- 22.2 versions prior to 22.2R3, 22.2R3-S1;
- 22.3 versions prior to 22.3R2, 22.3R2-S1, 22.3R3;
- 22.4 versions prior to 22.4R1-S2, 22.4R2.
Juniper Networks Junos OS on SRX Series
- All versions prior to 20.2R3-S7;
- 20.3 version 20.3R1 and later versions;
- 20.4 versions prior to 20.4R3-S6;
- 21.1 versions prior to 21.1R3-S5;
- 21.2 versions prior to 21.2R3-S4;
- 21.3 versions prior to 21.3R3-S4;
- 21.4 versions prior to 21.4R3-S3;
- 22.1 versions prior to 22.1R3-S1;
- 22.2 versions prior to 22.2R3;
- 22.3 versions prior to 22.3R2-S1, 22.3R2, 22.3R3;
- 22.4 versions prior to 22.4R1-S2, 22.4R2;
- 22.2 versions prior to 22.4R1-S1, 22.4R2, 22.2R3;
- 22.3 versions prior to 22.3R2-S1, 22.3R3;
- 22.4 versions prior to 22.4R1-S2, 22.4R2.
Juniper Networks Junos OS on SRX 4600 and SRX 5000 Series
- 20.1 version 20.1R1 and later versions;
- 20.2 versions prior to 20.2R3-S7;
- 20.3 version 20.3R1 and later versions;
- 20.4 versions prior to 20.4R3-S7;
- 21.1 versions prior to 21.1R3-S5;
- 21.2 versions prior to 21.2R3-S3;
- 21.3 versions prior to 21.3R3-S3;
- 21.4 versions prior to 21.4R3-S1;
- 22.1 versions prior to 22.1R3;
- 22.2 versions prior to 22.2R2;
- 22.3 versions prior to 22.3R1-S1, 22.3R2.
Juniper Networks Junos OS Evolved on PTX10001-36MR, PTX10004, PTX10008, PTX10016 with LC1201/1202
- 21.2 version 21.2R1-EVO and later versions;
- 21.3 version 21.3R1-EVO and later versions;
- 21.4 versions prior to 21.4R3-S3-EVO;
- 22.1 version 22.1R1-EVO and later versions;
- 22.2 versions prior to 22.2R3-S2-EVO;
- 22.3 versions prior to 22.3R3-EVO;
- 22.4 versions prior to 22.4R1-S2-EVO, 22.4R2-EVO.
Juniper Networks Junos OS on QFX10000
- 20.3 version 20.3R1 and later versions;
- 20.4 versions prior to 20.4R3-S5;
- 21.1 versions prior to 21.1R3-S5;
- 21.2 versions prior to 21.2R3-S5;
- 21.3 versions prior to 21.3R3-S4;
- 21.4 versions prior to 21.4R3-S1;
- 22.1 versions prior to 22.1R3;
- 22.2 versions prior to 22.2R2;
- 22.3 versions prior to 22.3R1-S2, 22.3R2.
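Solutions
Before installing the software, please visit the vendor's website for more details.
Apply the fixes issued by the vendor. For details, refer to the links below: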
- https://supportportal.juniper.net/s/article/2023-07-Security-Bulletin-Junos-OS-Evolved-Multiple-NTP-vulnerabilities-resolved?language=en_US
- https://supportportal.juniper.net/s/article/2023-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Multiple-vulnerabilities-have-been-resolved-in-MQTT?language=en_US
- https://supportportal.juniper.net/s/article/2023-07-Security-Bulletin-Junos-OS-SRX-4600-and-SRX-5000-Series-The-receipt-of-specific-genuine-packets-by-SRXes-configured-for-L2-transparency-will-cause-a-DoS-CVE-2023-36834?language=en_US
- https://supportportal.juniper.net/s/article/2023-07-Security-Bulletin-Junos-OS-Evolved-PTX10001-36MR-and-PTX10004-PTX10008-PTX10016-with-LC1201-1202-The-aftman-bt-process-will-crash-in-a-MoFRR-scenario-CVE-2023-36833?language=en_US
- https://supportportal.juniper.net/s/article/2023-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-An-rpd-crash-occurs-when-a-specific-L2VPN-command-is-run-CVE-2023-36840?language=en_US
- https://supportportal.juniper.net/s/article/2023-07-Security-Bulletin-Junos-OS-MX-Series-An-MPC-will-crash-upon-receipt-of-a-malformed-CFM-packet-CVE-2023-36850?language=en_US
- https://supportportal.juniper.net/s/article/2023-07-Security-Bulletin-Junos-OS-The-FPC-will-crash-on-receiving-a-malformed-CFM-packet-CVE-2023-36848?language=en_US
- https://supportportal.juniper.net/s/article/2023-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-In-a-MoFRR-scenario-an-rpd-core-may-be-observed-when-a-low-privileged-CLI-command-is-executed-CVE-2023-36836?language=en_US
- https://supportportal.juniper.net/s/article/2023-07-Security-Bulletin-Junos-OS-SRX-Series-jbuf-memory-leak-when-SSL-Proxy-and-UTM-Web-Filtering-is-applied-CVE-2023-36831?language=en_US
- https://supportportal.juniper.net/s/article/2023-07-Security-Bulletin-Junos-OS-SRX-Series-A-flowd-core-occurs-when-running-a-low-privileged-CLI-command-CVE-2023-36838?language=en_US
- https://supportportal.juniper.net/s/article/2023-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-The-l2cpd-will-crash-when-a-malformed-LLDP-packet-is-received-CVE-2023-36849?language=en_US
- https://supportportal.juniper.net/s/article/2023-07-Security-Bulletin-Junos-OS-MX-Series-PFE-crash-upon-receipt-of-specific-packet-destined-to-an-AMS-interface-CVE-2023-36832?language=en_US
- https://supportportal.juniper.net/s/article/2023-07-Security-Bulletin-Junos-OS-QFX10000-Series-All-traffic-will-be-dropped-after-a-specific-valid-IP-packet-has-been-received-which-needs-to-be-routed-over-a-VXLAN-tunnel-CVE-2023-36835?language=en_US
- https://supportportal.juniper.net/s/article/2023-07-Security-Bulletin-Junos-OS-J-Web-Multiple-Vulnerabilities-in-PHP-software?language=en_US
Vulnerability Identifiers
- CVE-2020-13817
- CVE-2017-7653
- CVE-2017-7654
- CVE-2017-7655
- CVE-2023-36834
- CVE-2023-36833
- CVE-2023-36840
- CVE-2023-36850
- CVE-2023-36836
- CVE-2023-36831
- CVE-2023-36838
- CVE-2023-36832
- CVE-2023-36835
- CVE-2022-31629
- CVE-2022-31628
- CVE-2022-31627
- CVE-2022-31626
- CVE-2022-31625
- CVE-2021-21708
- CVE-2021-21707
- CVE-2021-21705
- CVE-2021-21704
- CVE-2021-21703
- CVE-2021-21702
- CVE-2021-21701