#CVE202421620

Juniper Networks Patches Vulnerabilities in Switches, Firewalls

January 30, 2024 by Xynik

January 30, 2024 at 09:42AM Juniper Networks has released patches for multiple vulnerabilities in the J-Web component of Junos OS. The most severe issue is a cross-site scripting flaw (CVE-2024-21620), with a CVSS score of 8.8. Another defect (CVE-2024-21619) could allow an unauthenticated attacker to access sensitive information. Two missing authentication bugs were also resolved. … Read more

Juniper Networks Releases Urgent Junos OS Updates for High-Severity Flaws

January 30, 2024 by Xynik

January 30, 2024 at 03:59AM Juniper Networks released out-of-band updates for high-severity flaws in SRX and EX Series, addressing missing authentication and cross-site scripting vulnerabilities. watchTowr Labs discovered and reported the issues. Temporary mitigations include disabling J-Web or restricting access. Earlier critical vulnerability fixes were also shipped. U.S. CISA added previously disclosed vulnerabilities to the … Read more