Shulou(Shulou.com)05/31 Report--

In this issue, the editor will bring you an example analysis of Juniper Networks repairing serious loopholes in the firewall. The article is rich in content and analyzes and narrates it from a professional point of view. I hope you can get something after reading this article.

Juniper Networks informs customers that it has fixed several vulnerabilities in its product, most of which can be used for denial of service attacks.

The company has issued more than a dozen security announcements describing multiple vulnerabilities in Juniper products and dozens of security vulnerabilities that affect third-party components.

Most vulnerabilities affect Junos OS, but some of them affect Juniper Secure Analytics,Junos Space and Junos Space Security Director.

One of the most serious vulnerabilities in Juniper software is CVE-2020-1647, an ultra-dangerous double release vulnerability that affects SRX series firewalls that enable the ICAP redirect service. Remote attackers can exploit this vulnerability to cause a denial of service or execute arbitrary code by sending a specially crafted HTTP message.

Another ultra-critical vulnerability is CVE-2020-1654, which can also lead to a denial of service or remote code execution. The vulnerability also affects SRX firewalls with ICAP services enabled, which can be exploited by an attacker with malicious HTTP messages.

Six vulnerabilities are rated as high risk, all of which can be used for denial of service attacks, including persistent attacks. Medium-risk vulnerabilities can also be used for denial of service attacks.

Juniper Networks said it was not aware of any attacks that exploited these vulnerabilities.

The company has also fixed dozens of vulnerabilities that affect third-party components, including security vulnerabilities that component developers fixed years ago. These third-party components include OpenSSL,Intel firmware, Bouncy Castle,Java SE,Apache software, etc.

The above is the example of Juniper Networks repairing serious loopholes in the firewall shared by Xiaobian. If you happen to have similar doubts, you might as well refer to the above analysis to understand. If you want to know more about it, you are welcome to follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.