Reg story prompts fresh security bulletin, review of Juniper Networks’ CVE process

January 30, 2024 at 10:36AM Juniper Networks disclosed and apologized for previously concealing vulnerabilities reported by watchTowr researcher Aliz Hammond. The company issued an out-of-cycle security advisory, separately disclosing four vulnerabilities with missing individual CVEs. The vulnerabilities affect J-Web in Junos OS SRX Series and EX Series. US CISA warned of the XSS vulnerability and … Read more