描述:
Juniper Networks 發布了安全公告,以應對 Junos OS、Junos OS Evolved 及 Junos Space 的多個漏洞。有關漏洞的詳細資料,請參閱供應商網站的相應安全公告。
受影響的系統:
- Juniper Networks Junos OS
- Juniper Networks Junos OS Evolved
- Juniper Networks Junos Space
有關受影響系統的詳細資料,請參閱供應商網站的相應安全公告。
影響:
成功利用漏洞可以在受影響的系統導致遠端執行程式碼、服務被拒絕、權限提升、泄漏資訊或繞過保安限制。
建議:
現已有適用於受影響系統的修補程式。受影響系統的系統管理員應遵從供應商的建議,立即採取行動以降低風險。
進一步資訊:
- https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-BGP-update-message-containing-aggregator-attribute-with-an-ASN-value-of-zero-0-is-accepted-CVE-2024-47507
- https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-cRPD-Receipt-of-crafted-TCP-traffic-can-trigger-high-CPU-utilization-CVE-2024-39547
- https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-In-a-BMP-scenario-receipt-of-a-malformed-AS-PATH-attribute-can-cause-an-RPD-core-CVE-2024-47499
- https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Junos-OS-and-Junos-OS-Evolved-Receipt-of-a-specifically-malformed-BGP-packet-causes-RPD-crash-when-segment-routing-is-enabled-CVE-2024-39516
- https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-MX-Series-with-MPC10-MPC11-LC9600-MX304-EX9200-PTX-Series-Receipt-of-malformed-DHCP-packets-causes-interfaces-to-stop-processing-packets-CVE-2024-39526
- https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Receipt-of-a-specific-malformed-BGP-path-attribute-leads-to-an-RPD-crash-CVE-2024-47491
- https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-When-BGP-nexthop-traceoptions-is-enabled-receipt-of-specially-crafted-BGP-packet-causes-RPD-crash-CVE-2024-39525
- https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-With-BGP-traceoptions-enabled-receipt-of-specially-crafted-BGP-update-causes-RPD-crash-CVE-2024-39515
- https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Due-to-a-race-condition-AgentD-process-causes-a-memory-corruption-and-FPC-reset-CVE-2024-47494
- https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Evolved-ACX-7000-Series-Receipt-of-specific-transit-MPLS-packets-causes-resources-to-be-exhausted-CVE-2024-47490
- https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Evolved-ACX-Series-Receipt-of-specific-transit-protocol-packets-is-incorrectly-processed-by-the-RE-CVE-2024-47489
- https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Evolved-Connections-to-the-network-and-broadcast-address-accepted-CVE-2024-39534
- https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Evolved-In-a-dual-RE-scenario-a-locally-authenticated-attacker-with-shell-privileges-can-take-over-the-device-CVE-2024-47495
- https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Evolved-Low-privileged-local-user-able-to-view-NETCONF-traceoptions-files-CVE-2024-39544
- https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Evolved-Multiple-vulnerabilities-resolved-in-c-ares-1-18-1
- https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Evolved-QFX5000-Series-Configured-MAC-learning-and-move-limits-are-not-in-effect-CVE-2024-47498
- https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Evolved-Specific-low-privileged-CLI-commands-and-SNMP-GET-requests-can-trigger-a-resource-leak
- https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Evolved-TCP-session-state-is-not-always-cleared-on-the-Routing-Engine-CVE-2024-47502
- https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-J-Web-Multiple-vulnerabilities-resolved-in-PHP-software
- https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Multiple-vulnerabilities-in-OSS-component-nginx-resolved
- https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-Multiple-vulnerabilities-resolved-in-OpenSSL
- https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-MX-Series-The-PFE-will-crash-on-running-specific-command-CVE-2024-47496
- https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-MX304-MX-with-MPC10-11-LC9600-and-EX9200-with-EX9200-15C-In-a-VPLS-or-Junos-Fusion-scenario-specific-show-commands-cause-an-FPC-crash-CVE-2024-47501
- https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-SRX-Series-A-large-amount-of-traffic-being-processed-by-ATP-Cloud-can-lead-to-a-PFE-crash-CVE-2024-47506
- https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-SRX-Series-Low-privileged-user-able-to-access-sensitive-information-on-file-system-CVE-2024-39527
- https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-SRX-Series-QFX-Series-MX-Series-and-EX-Series-Receiving-specific-HTTPS-traffic-causes-resource-exhaustion-CVE-2024-47497
- https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-SRX4600-and-SRX5000-Series-Sequence-of-specific-PIM-packets-causes-a-flowd-crash-CVE-2024-47503
- https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-SRX5000-Series-Receipt-of-a-specific-malformed-packet-will-cause-a-flowd-crash-CVE-2024-47504
- https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-OS-SRX5K-SRX4600-and-MX-Series-Trio-based-FPCs-Continuous-physical-interface-flaps-causes-local-FPC-to-crash-CVE-2024-47493
- https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-Space-OS-command-injection-vulnerability-in-OpenSSH-CVE-2023-51385
- https://supportportal.juniper.net/s/article/2024-10-Security-Bulletin-Junos-Space-Remote-Command-Execution-RCE-vulnerability-in-web-application-CVE-2024-39563
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0742
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0746 (to CVE-2016-0747)
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1247
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4450
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7529
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-20005
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16845
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20372
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3618
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23017
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41741 (to CVE-2022-41742)
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0567 (to CVE-2023-0568)
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0662
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3823 (to CVE-2023-3824)
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31124
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31130
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-31147
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32067
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44487
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51385
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2511
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4741
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39515 (to CVE-2024-39516)
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39525 (to CVE-2024-39527)
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39534
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39544
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39547
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39563
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47489 (to CVE-2024-47491)
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47493 (to CVE-2024-47499)
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47501 (to CVE-2024-47504)
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-47506 (to CVE-2024-47507)