August 4, 2020

Junos OS: Critical Vulnerability in SRX Series

A critical vulnerability has been discovered in the Junos operating system. The vulnerability was caused by the ICAP (Internet Content Adaptation Protocol) protocol, and attackers can exploit DoS and RCE attacks by exploiting the vulnerability there.

Junos OS
Junos OS

 

The vulnerable versions of Junos are as follows

18.1 versions prior to 8.1R3-S9

18.2R2-S7, 18.2 versions before 18.2R3-S3

18.3R1-S7, 18.3R2-S4, 18.3 versions before 18.3R3-S1

18.4R1-S7, 18.4R2-S4, 18.4 versions before 18.4R3

19.1R1-S5, 19.1 versions before 19.1R2

19.2R1-S2, 19.2 versions before 19.2R2

19.3 releases before 19.3R2

Junos OSs before 18.1R1 will not affect

The measures that can be taken are as follows

Closing the ICAP protocol.

18.1R3-S9, 18.2R2-S7, 18.2R3-S3, 18.3R1-S7, 18.3R2-S4, 18.3R3-S1, 18.4R1-S7, 18.4R2 -S4, 18.4R3, 19.1R1-S5, 19.1R2, 19.2R1-S2, 19.2R2, 19.3R2, 19.4R1 or upgrade to later versions.

Update links: https://support.juniper.net/support/downloads/

Leave a Reply

Your email address will not be published. Required fields are marked *