Juniper Networks Releases Security Updates

Original release date: April 12, 2018

Juniper Networks has released security updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

NCCIC encourages users and administrators to review the following Juniper Security Advisories and apply necessary updates:

  • Junos OS: Kernel crash upon receipt of crafted CLNP packets (CVE-2018-0016)
  • SRX Series: Denial-of-service vulnerability in flowd daemon on devices configured with NAT-PT (CVE-2018-0017)
  • SRX Series: Crafted packet may lead to information disclosure and firewall rule bypass during compilation of IDP policies (CVE-2018-0018)
  • Junos: Denial-of-service vulnerability in SNMP MIB-II subagent daemon (mib2d) (CVE-2018-0019)
  • Junos OS: rpd daemon cores due to malformed BGP UPDATE packet (CVE-2018-0020)
  • Steel-Belted Radius Carrier: Eclipse Jetty information disclosure vulnerability (CVE-2015-2080)
  • NorthStar: Return of Bleichenbacher’s Oracle Threat (ROBOT) RSA SSL attack (CVE-2017-1000385)
  • OpenSSL: Multiple vulnerabilities resolved in OpenSSL
  • Junos OS: Multiple vulnerabilities in stunnel 5.38
  • NSM Appliance: Multiple vulnerabilities resolved in CentOS 6.5-based 2012.2R12 release
  • Junos OS: Short MacSec keys may allow man-in-the-middle attacks
  • Junos OS: Mbuf leak due to processing MPLS packets in VPLS networks (CVE-2018-0022)
  • Junos Snapshot Administrator (JSNAPy) world writeable default configuration file permission (CVE-2018-0023)
