SK-CERT Security Alert V20220719-01

Severity Critical
Classification Unclassified/TLP WHITE
CVSS Score
10.0
Identifier
Juniper products – critical security vulnerabilities
Description
Juniper Networks has released security updates for its Junos OS, Junos OS Evolved, NorthStar Controller, Junos Space Policy Enforcer and Contrail Networking products, which fix multiple security vulnerabilities.
The most severe, critical security vulnerabilities are found in the Junos Space Security Director Policy Enforcer, Contrail Networking and NorthStar Controller products. The vulnerabilities stem from insufficient implementation of security mechanisms, and a remote unauthenticated attacker could exploit them to execute malicious code and completely compromise the confidentiality, integrity and availability of the system.
Date of first publication of the alert
13.07.2022
CVE
CVE-2003-0001, CVE-2012-0876, CVE-2013-7422, CVE-2014-4043, CVE-2014-5044, CVE-2014-6272, CVE-2014-9114, CVE-2014-9471, CVE-2014-9474, CVE-2014-9488, CVE-2014-9746, CVE-2014-9939, CVE-2015-1283, CVE-2015-2059, CVE-2015-2327, CVE-2015-2328, CVE-2015-2716, CVE-2015-3308, CVE-2015-4042, CVE-2015-5228, CVE-2015-5602, CVE-2015-6525, CVE-2015-7036, CVE-2015-7705, CVE-2015-7805, CVE-2015-8035, CVE-2015-8380, CVE-2015-8385, CVE-2015-8386, CVE-2015-8387, CVE-2015-8388, CVE-2015-8390, CVE-2015-8391, CVE-2015-8394, CVE-2015-8540, CVE-2015-8947, CVE-2016-10195, CVE-2016-1238, CVE-2016-1951, CVE-2016-2052, CVE-2016-2124, CVE-2016-2516, CVE-2016-2779, CVE-2016-3191, CVE-2016-4484, CVE-2016-4607, CVE-2016-4608, CVE-2016-4609, CVE-2016-4610, CVE-2016-4612, CVE-2016-4658, CVE-2016-4738, CVE-2016-5131, CVE-2016-5180, CVE-2016-5300, CVE-2016-6318, CVE-2016-7942, CVE-2016-7943, CVE-2016-7944, CVE-2016-7947, CVE-2016-7948, CVE-2016-7949, CVE-2016-7950, CVE-2016-7951, CVE-2016-8618, CVE-2016-8619, CVE-2016-8622, CVE-2016-9063, CVE-2016-9538, CVE-2016-9539, CVE-2017-0553, CVE-2017-1000158, CVE-2017-1000368, CVE-2017-10684, CVE-2017-10685, CVE-2017-10989, CVE-2017-11164, CVE-2017-12562, CVE-2017-13716, CVE-2017-14062, CVE-2017-14867, CVE-2017-14930, CVE-2017-15095, CVE-2017-15412, CVE-2017-15994, CVE-2017-16548, CVE-2017-16931, CVE-2017-17434, CVE-2017-17485, CVE-2017-18258, CVE-2017-5225, CVE-2017-5929, CVE-2017-7375, CVE-2017-7500, CVE-2017-7525, CVE-2017-7614, CVE-2017-8105, CVE-2017-8287, CVE-2017-8421, CVE-2017-8779, CVE-2017-8804, CVE-2017-8817, CVE-2017-8871, CVE-2017-9117, CVE-2018-1000654, CVE-2018-11307, CVE-2018-14404, CVE-2018-14567, CVE-2018-14718, CVE-2018-14719, CVE-2018-14720, CVE-2018-14721, CVE-2018-19360, CVE-2018-19361, CVE-2018-19362, CVE-2018-6954, CVE-2018-7489, CVE-2018-8088, CVE-2018-9251, CVE-2019-0205, CVE-2019-1349, CVE-2019-1350, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387, CVE-2019-14379, CVE-2019-14540, CVE-2019-14892, CVE-2019-14893, CVE-2019-16335, 
CVE-2019-16942, CVE-2019-16943, CVE-2019-17267, CVE-2019-17531, CVE-2019-17571, CVE-2019-18276, CVE-2019-20330, CVE-2019-25013, CVE-2019-8457, CVE-2019-9169, CVE-2019-9518, CVE-2019-9893, CVE-2019-9924, CVE-2020-10029, CVE-2020-10878, CVE-2020-11655, CVE-2020-11656, CVE-2020-12049, CVE-2020-13434, CVE-2020-13435, CVE-2020-13630, CVE-2020-13631, CVE-2020-13632, CVE-2020-13871, CVE-2020-14343, CVE-2020-14363, CVE-2020-14556, CVE-2020-14577, CVE-2020-14578, CVE-2020-14579, CVE-2020-14583, CVE-2020-14593, CVE-2020-14621, CVE-2020-15358, CVE-2020-15999, CVE-2020-1747, CVE-2020-1968, CVE-2020-1971, CVE-2020-25696, CVE-2020-25704, CVE-2020-25717, CVE-2020-2754, CVE-2020-2755, CVE-2020-2756, CVE-2020-2757, CVE-2020-27619, CVE-2020-2773, CVE-2020-2781, CVE-2020-2800, CVE-2020-2803, CVE-2020-2805, CVE-2020-2830, CVE-2020-29573, CVE-2020-36322, CVE-2020-36385, CVE-2020-8492, CVE-2020-8616, CVE-2020-8617, CVE-2020-8840, CVE-2020-9327, CVE-2021-20227, CVE-2021-20271, CVE-2021-22946, CVE-2021-23017, CVE-2021-23839, CVE-2021-23840, CVE-2021-23841, CVE-2021-28950, CVE-2021-3177, CVE-2021-33574, CVE-2021-3487, CVE-2021-3517, CVE-2021-3520, CVE-2021-35550, CVE-2021-35556, CVE-2021-35559, CVE-2021-35561, CVE-2021-35564, CVE-2021-35565, CVE-2021-35567, CVE-2021-35578, CVE-2021-35586, CVE-2021-35588, CVE-2021-35603, CVE-2021-36690, CVE-2021-3712, CVE-2021-37750, CVE-2021-41617, CVE-2021-42574, CVE-2021-42739, CVE-2022-21245, CVE-2022-21270, CVE-2022-21303, CVE-2022-21304, CVE-2022-21344, CVE-2022-21367, CVE-2022-22202, CVE-2022-22203, CVE-2022-22204, CVE-2022-22205, CVE-2022-22206, CVE-2022-22207, CVE-2022-22209, CVE-2022-22210, CVE-2022-22212, CVE-2022-22213, CVE-2022-22214, CVE-2022-22215, CVE-2022-22216, CVE-2022-22217, CVE-2022-22221
IOC
Affected systems
Juniper Networks Junos OS (QFX5000, QFX10000, QFX10K, SRX, MX, PTX, EX Series)
Juniper Networks Junos OS Evolved
Juniper Networks NorthStar Controller
Juniper Networks Junos Space Policy Enforcer
Juniper Networks Contrail Networking
The exact specification of the individual affected products can be found at the web addresses listed in the Sources section.
Consequences
Execution of malicious code and complete compromise of the confidentiality, integrity and availability of the system
Denial of service
Unauthorized access to sensitive data
Recommendations
We recommend that administrators and users update the affected systems without delay.
After remediating vulnerabilities that could have allowed remote code execution, it is good practice to inspect the system and change all passwords and keys on the affected system, as well as on any other systems where the same password or key was used.
Sources
https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Multiple-vulnerabilities-in-SQLite-resolved?language=en_US
https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-EX4600-Series-and-QFX5000-Series-Receipt-of-specific-traffic-will-lead-to-an-fxpc-process-crash-followed-by-an-FPC-reboot-CVE-2022-22203?language=en_US
https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Northstar-Controller-nginx-component-allows-remote-attacker-to-cause-worker-process-crash-or-potentially-arbitrary-code-execution-CVE-2021-23017-2?language=en_US
https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-SRX-series-The-PFE-will-crash-when-specific-traffic-is-scanned-by-Enhanced-Web-Filtering-safe-search-CVE-2022-22206?language=en_US
https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-QFX5000-Series-and-MX-Series-An-l2alm-crash-leading-to-an-FPC-crash-can-be-observed-in-VxLAN-scenario-CVE-2022-22210?language=en_US
https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-PTX-Series-and-QFX10000-Series-Etherleak-memory-disclosure-in-Ethernet-padding-data-CVE-2022-22216?language=en_US
https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-Denial-of-Service-DoS-vulnerability-in-RPD-upon-receipt-of-specific-BGP-update-CVE-2022-22213?language=en_US
https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-RIB-and-PFEs-can-get-out-of-sync-due-to-a-memory-leak-caused-by-interface-flaps-or-route-churn-CVE-2022-22209?language=en_US
https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-Evolved-A-high-rate-of-specific-hostbound-traffic-will-cause-unexpected-hostbound-traffic-delays-or-drops-CVE-2022-22212?language=en_US
https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-MX-Series-with-MPC11-In-a-GNF-node-slicing-scenario-gathering-AF-interface-statistics-can-lead-to-a-kernel-crash-CVE-2022-22207?language=en_US
https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-MX-Series-and-SRX-Series-When-receiving-a-specific-SIP-packets-stale-call-table-entries-are-created-which-eventually-leads-to-a-DoS-for-all-SIP-traffic-CVE-2022-22204?language=en_US
https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-SRX-Series-An-FPC-memory-leak-can-occur-in-an-APBR-scenario-CVE-2022-22205?language=en_US
https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-Space-Security-Director-Policy-Enforcer-upgraded-to-CentOS-7-9?language=en_US
https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-QFX10k-Series-Denial-of-Service-DoS-upon-receipt-of-crafted-MLD-packets-on-multi-homing-ESI-in-VXLAN-CVE-2022-22217?language=en_US
https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-SRX-and-EX-Series-Local-privilege-escalation-flaw-in-download-functionality-CVE-2022-22221?language=en_US
https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-OpenSSL-security-fixes?language=en_US
https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Contrail-Networking-Multiple-vulnerabilities-resolved-in-Contrail-Networking-21-4?language=en_US
https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-var-run-pid-env-files-are-potentially-not-deleted-during-termination-of-a-gRPC-connection-causing-inode-exhaustion-CVE-2022-22215?language=en_US
https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-and-Junos-OS-Evolved-In-an-MPLS-scenario-upon-receipt-of-a-specific-IPv6-packet-an-FPC-will-crash-CVE-2022-22214?language=en_US
https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-OS-PTX-Series-FPCs-may-restart-unexpectedly-upon-receipt-of-specific-MPLS-packets-with-certain-multi-unit-interface-configurations-CVE-2022-22202?language=en_US
https://supportportal.juniper.net/s/article/2022-07-Security-Bulletin-Junos-Space-Multiple-vulnerabilities-resolved-in-22-2R1-release-CVE-2022-22218?language=en_US
