Junos OS: Attackers could hijack admin sessions

To prevent possible attacks, admins should update their network devices running Junos OS and Junos OS Evolved. Otherwise, attackers could paralyze devices or even execute their own code.

According to the advisories in Juniper’s security center, none of the vulnerabilities is classified as critical. The most dangerous is an XSS vulnerability (CVE-2021-31355, “high”), which attackers could use to persist in systems. How this could work in detail is currently not known. If an attack is successful, they could, for example, capture access credentials from admin sessions.

Several vulnerabilities are rated with the threat level “high”. Here attackers could, for example, launch DoS attacks or bypass security mechanisms. However, they often have to be authenticated to do so.

Several different versions of Junos OS are affected. Juniper has published a number of Junos OS releases that are protected against such attacks. Admins can find the vulnerable and fixed versions in the security advisories linked below this article.

List sorted in descending order by threat level:


Disclaimer: This article is generated from the feed and not edited by our team.