ClickCease Juniper Networks Vulnerability: Critical Update Released - TuxCare

Join Our Popular Newsletter

Join 4,500+ Linux & Open Source Professionals!

2x a month. No spam.

Juniper Networks Critical Security Update Released

by Wajahat Raja

July 19, 2024 - TuxCare expert team

Recent media reports have stated that a Juniper Networks vulnerability that could have led to an authentication bypass if exploited has now been patched. The authentication bypass flaw affects routers that operate in high-availability redundant configurations. In this article, we’ll dive into the flaw and focus on learning more about the patch as well. Let’s begin!

Juniper Networks Vulnerability: CVE-2024-2973

The Juniper Networks vulnerability being tracked as CVE-2024-2973 has a critical vulnerability severity score (CVSS) of 10.0. Given that the vulnerability allows an attacker to bypass authentication, it can help them take complete control of the affected devices.

As per the information available, the authentication bypass flaw has an impact on the Juniper Networks Session Smart Router or Conductors. The flaw was brought to light during internal product testing.

The maximum severity rating of  the Juniper Networks vulnerability indicates that it’s paramount to threat actors. Despite this, there have not been any reports of active exploitation.

Devices Affected By The Authentication Bypass Flaw

In an advisory statement issued by the company, the devices that can be impacted from this Juniper Networks vulnerability include:

  • Session Smart Router
    • All versions before 5.6.15, from 6.0 before 6.1.9-lts, and from 6.2 before 6.2.5-sts.
  • Session Smart Conductor
    • All versions before 5.6.15, from 6.0 before 6.1.9-lts, and from 6.2 before 6.2.5-sts.
  • WAN Assurance Router
    • 6.0 versions before 6.1.9-lts and 6.2 versions before 6.2.5-sts.

Providing further insight into the vulnerability, Juniper Networks has also stated that:

“An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router or Conductor running with a redundant peer allows a network based attacker to bypass authentication and take full control of the device.”

Network Security Patches For The Flaw

Juniper Networks has been swift in taking action against the vulnerability and has patched it as well. Commenting on the patch, the advisory states that:

“This vulnerability has been patched automatically on affected devices for MIST managed WAN Assurance routers connected to the Mist Cloud. It is important to note that the fix is applied automatically on managed routers by a Conductor or on WAN assurance routers has no impact on data-plane functions of the router.”

Apart from this, Juniper Networks rolled out fixes for another critical vulnerability in January 2024. That vulnerability had a CVSS of 9.8 and affected the same devices. Given this, it can be stated that staying at par with the latest developments in cyber threats and cyber security is essential for lower exposure to risk and improving the security posture.

Conclusion

The swift response from Juniper Networks in addressing the critical authentication bypass vulnerability, CVE-2024-2973, underscores the importance of timely patch management in maintaining network security.

Despite the flaw’s potential severity, proactive measures have ensured that no active exploitation takes place. This incident highlights the necessity of staying updated with the latest cybersecurity developments and using robust security protocols.

The sources for the piece include articles in The Hacker News and SECPOD.

Looking to automate vulnerability patching without kernel reboots, system downtime, or scheduled maintenance windows?

Become a TuxCare Guest Writer

Mail

Help Us Understand
the Linux Landscape!

Complete our survey on the state of Open Source and you could win one of several prizes, with the top prize valued at $500!

Your expertise is needed to shape the future of Enterprise Linux!