Juniper Networks this week issued 27 software security advisories covering 84 product vulnerabilities, 31 of them critical.
All of the critical flaws were listed in a single security advisory that detailed 53 vulnerabilities in its Contrail Networking cloud network automation product. Two of the bugs were assessed a maximum 10.0 CVSS base score: a path traversal vulnerability that "allows copying and overwriting files outside of the specified destination in the local ansible controller host," (CVE-2019-3828) and a vulnerability that could enable remote attackers to conduct server-side request forgery attacks (CVE-2018-14721). Juniper resolved the various flaws in release version 1910.
A number of other products had vulnerabilities patched as well, including Junos OS, NFX Series, CTPView and CTP Series, SBR Carrier and SRX5000 Series.
Please register to continue.
Already registered? Log in.
Once you register, you'll receive:
The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.
Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.
SC Media’s essential morning briefing for cybersecurity professionals.
One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.