Junos OS’s Contribution to Combating Highly Critical Vulnerabilities and to Strategic Defense

Juniper Networks has delivered out-of-band updates to address serious flaws in two series, SRX and EX. A threat actor exploited these series to take control of vulnerable systems. The two vulnerabilities, CVE-2024-21619 and CVE-2024-21620, reside in the J-Web component and affect all versions of Junos OS. The company also disclosed two other flaws, CVE-2023-36846 and CVE-2023-36851, in August 2023.

  • CVE-2024-21619 (CVSS score: 5.3) - An authentication vulnerability that allows exposure of confidential configuration data
  • CVE-2024-21620 (CVSS score: 8.8) - A cross-site scripting (XSS) vulnerability that allows execution of arbitrary commands through specially crafted requests

The renowned cybersecurity firm watchTowr Labs gave an account of all of the issues. Juniper has addressed the two vulnerabilities in the versions listed below:

  • CVE-2024-21619 - 20.4R3-S9, 21.2R3-S7, 21.3R3-S5, 21.4R3-S6, 22.1R3-S5, 22.2R3-S3, 22.3R3-S2, 22.4R3, 23.2R1-S2, 23.2R2, 23.4R1, and all subsequent releases.
  • CVE-2024-21620 - 20.4R3-S10, 21.2R3-S8, 21.4R3-S6, 22.1R3-S5, 22.2R3-S3, 22.3R3-S2, 22.4R3-S1, 23.2R2, 23.4R2, and all subsequent releases.
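
The two lists above can be turned into a patch-compliance check. The following is an added example, not code from Juniper or from this article: it compares a device's reported Junos version against the fixed releases listed here. It assumes that within one release train (for example 20.4) releases order numerically by R number and then S number, and it does not handle other version formats; the function names and the sample inventory are constructed for illustration.

```python
import re

# Fixed releases exactly as listed in this article.
FIXED = {
    "CVE-2024-21619": ["20.4R3-S9", "21.2R3-S7", "21.3R3-S5", "21.4R3-S6", "22.1R3-S5",
                       "22.2R3-S3", "22.3R3-S2", "22.4R3", "23.2R1-S2", "23.2R2", "23.4R1"],
    "CVE-2024-21620": ["20.4R3-S10", "21.2R3-S8", "21.4R3-S6", "22.1R3-S5", "22.2R3-S3",
                       "22.3R3-S2", "22.4R3-S1", "23.2R2", "23.4R2"],
}

# <major>.<minor>R<n>[-S<n>][.<build>]; the trailing build number is ignored.
_VER = re.compile(r"^(\d+)\.(\d+)R(\d+)(?:-S(\d+))?(?:\.\d+)?$")

def parse(version):
    """Return ((major, minor), (R, S)), or None for formats not handled here."""
    m = _VER.match(version.strip())
    if not m:
        return None
    major, minor, r, s = (int(g) if g else 0 for g in m.groups())
    return (major, minor), (r, s)

def status(cve, version):
    """Classify a version as 'fixed', 'vulnerable', 'unlisted-train' or 'unparsed'."""
    parsed = parse(version)
    if parsed is None:
        return "unparsed"
    train, rel = parsed
    floors = {}  # lowest listed fixed release per train
    for fixed_train, fixed_rel in map(parse, FIXED[cve]):
        floors[fixed_train] = min(floors.get(fixed_train, fixed_rel), fixed_rel)
    if train in floors:
        # Integer comparison matters: S9 < S10, which string comparison gets wrong.
        return "fixed" if rel >= floors[train] else "vulnerable"
    if train > max(floors):
        return "fixed"  # the lists end with "all later releases"
    return "unlisted-train"  # no fixed release listed for this train: upgrade trains

if __name__ == "__main__":
    # Constructed inventory (hostnames and versions are made up for the demo).
    inventory = {"srx-edge-1": "20.4R3-S9", "ex-core-2": "21.3R3-S5", "srx-lab": "23.2R1-S2"}
    for host, ver in inventory.items():
        print(host, ver, {cve: status(cve, ver) for cve in FIXED})
```

A device can be fixed for one CVE and still exposed to the other, so both results should be checked before J-Web is re-enabled or access restrictions are lifted.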

The company recommends that users disable J-Web or restrict access to only trusted hosts as temporary mitigations until the fixes are deployed. In such a scenario, TTB Internet Security is a worthwhile option that can help you out of these difficulties.

In November 2023, the United States added both CVE-2023-36846 and CVE-2023-36851 to the catalog known as KEV (Known Exploited Vulnerabilities). The Cybersecurity and Infrastructure Security Agency (CISA) based this on active exploitation.