Juniper Networks has pushed security updates to address several vulnerabilities affecting a number of its products, some of which could be exploited to seize control of affected systems.
The most critical of the flaws affect Junos Space and Contrail Networking, with the company urging customers to upgrade to versions 22.1R1 and 21.4., respectively.
Chief among them is a collection of 31 bugs in the Junos Space network management software, including CVE-2021-23017 (CVSS score: 9.4), which could result in a crash of vulnerable devices or even arbitrary code execution.
“A security issue in nginx resolver was discovered, which might let an attacker who is able to forge UDP packets from the DNS server to bring about 1-byte memory overwrite, resulting in worker process crash or potential other impact,” the company stated.
The same security vulnerability has also been remediated in Northstar Controller in versions 5.1. Service Pack 6 and 6.2.2.
Additionally, the networking equipment maker cautioned of multiple known issues in CentOS 6.8, which is shipped with Junos Space Policy Enforcer before version 22.1R1. As mitigation, the version of CentOS packaged with the Policy Enforcer component has been upgraded to 7.9.
Also listed are 166 security vulnerabilities impacting its Contrail Networking product that affect all versions prior to 21.4. and have been collectively given the maximum CVSS score of 10..
“Various vulnerabilities in 3rd party software used in Juniper Networks Contrail Networking have been fixed in release 21.4. by upgrading the Open Container Initiative (OCI)-compliant Red Hat Universal Base Image (UBI) container image from Red Hat Enterprise Linux 7 to Red Hat Enterprise Linux 8,” it noted in an advisory.