Vulnerability Management

CISA urges immediate patching of Juniper Networks flaws

The Cybersecurity and Infrastructure Security Agency has issued a warning urging organizations to immediately patch critical vulnerabilities impacting Juniper Networks' Junos Space, NorthStar Controller, and Contrail Networking offerings, even though Juniper has not found any evidence of active exploitation, according to The Register. "CISA encourages users and administrators to review the Juniper Networks security advisories page and apply the necessary updates," said CISA in its advisory. Thirty-one vulnerabilities in Junos Space affect OpenSSH, Oracle Java SE, Samba, nginx resolver, Kerberos, curl, MySQL Server, OpenSSL, and the RPM package manager, with the one in the nginx resolver, tracked as CVE-2021-23017, potentially exploitable to enable system crashes. Such a flaw "might allow an attacker who is able to forge UDP packets from the DNS server to cause one-byte memory overwrite, resulting in worker process crash or potential other impact," noted Juniper. In addition, more than 100 CVEs in Contrail Networking, some dating back nearly ten years, have been remediated.
