InfoSecBulletin Cybersecurity for mankind
Juniper Networks, a manufacturer of networking equipment, has released patches for over 30 vulnerabilities in Junos OS and Junos OS Evolved. These patches include fixes for nine high-severity vulnerabilities.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given a November 17, 2023, deadline for federal agencies and organizations to apply mitigations to secure against a naf security flaws in Juniper Junos OS that came to light in August.
RockYou2024: Massive 10-Billion Password Leak
ISPC first get together held with a festive look
ISACA Dhaka chapter election
Iqbal hossain president, Azad secretary for ISACA Dhaka chapter
Emerging Eldorado ransomware focuses on Windows, VMware ESXi VMs
OVHcloud faces record 840 million DDoS Attack Using MikroTik Routers
New report; Polyfill[.]io Attack Impacts Over 380,000 Hosts
![New report; Polyfill[.]io Attack Impacts Over 380,000 Hosts](https://infosecbulletin.com/wp-content/uploads/2024/07/Untitled-1-8.jpg)
Apache HTTP Server Update Patches Critical Source Code Disclosure Flaw
Microsoft Uncovers Flaws in Rockwell Automation PanelView Plus
Researchers detect 28 new Ransomwares in June
Vote for DHAKA, Vote for ISACA at 6 July
The agency on Monday added five vulnerabilities to the Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The main issue is a bug in default permissions that lets an unauthorized attacker gain root privileges and create a backdoor on a vulnerable device.
The flaw is tracked as CVE-2023-44194 (CVSS score: 8.4). It occurs due to incorrect permissions associated with a specific system directory.
Juniper’s patches also address six high-severity vulnerabilities in Junos OS and Junos OS Evolved that could lead to denial of service (DoS). Five of these can be exploited remotely, without authentication.
Both Junos OS and Junos OS Evolved are affected by two high-severity issues. These issues can be exploited to impact device stability and the confidentiality and integrity of device operations.
The recent Junos OS and Junos OS Evolved updates fixed several medium-severity vulnerabilities. These flaws could cause DoS conditions, bypass access restrictions, impact system integrity and network connections, affect system availability, leak credentials and configuration changes, and lead to incorrect forwarding of MAC addresses.
Juniper released patches for medium-severity vulnerabilities in third-party software used in Junos OS and Junos OS Evolved. These vulnerabilities include NTP vulnerabilities and cryptographic algorithm issues.
Software updates have been released for Junos OS and Junos OS Evolved versions 20.4, 21.1, 21.2, 21.3, 21.4, 22.1, 22.2, 22.3, 22.4, 23.1, 23.2, and 23.3, fixing vulnerabilities.
Juniper Networks has not detected any malicious attacks exploiting these vulnerabilities.
Apply patches to networking products, including Juniper devices, as soon as possible to prevent exploitation of known vulnerabilities.
Visit Juniper’s support portal for more information.
