Juniper Networks has launched an emergency replace to deal with a most severity vulnerability that results in authentication bypass in Session Sensible Router (SSR), Session Sensible Conductor, and WAN Assurance Router merchandise.
The safety situation is tracked as CVE-2024-2973 and an attacker may exploit it to take full management of the system.
“An Authentication Bypass Utilizing an Alternate Path or Channel vulnerability in Juniper Networks Session Sensible Router or Conductor working with a redundant peer permits a network-based attacker to bypass authentication and take full management of the system,” reads the outline of the vulnerability.
“Solely Routers or Conductors which can be working in high-availability redundant configurations are affected by this vulnerability,” Juniper notes within the safety advisory.
Internet admins apply “Excessive-availability redundant configurations” the place service continuity is vital. This configuration is crucial to sustaining uninterrupted companies and rising resilience in opposition to unexpected, disruptive occasions.
This makes the weak configuration fairly widespread in mission-critical community infrastructure, together with in massive enterprise environments, information facilities, telecommunications, e-commerce, and authorities or public companies.
The product variations impacted by CVE-2024-2973 are:
Session Sensible Router & Conductor:
- All variations earlier than 5.6.15
- From 6.0 earlier than 6.1.9-lts
- From 6.2 earlier than 6.2.5-sts
WAN Assurance Router:
- 6.0 variations earlier than 6.1.9-lts
- 6.2 variations earlier than 6.2.5-sts
Safety updates have been made accessible for Session Sensible Router in variations 5.6.15, 6.1.9-lts, and 6.2.5-sts.
WAN Assurance Routers are patched mechanically when related to the Mist Cloud, however directors of Excessive-Availability clusters must improve to SSR-6.1.9 or SSR-6.2.5.
Juniper additionally notes that upgrading Conductor nodes is sufficient to apply the repair mechanically to related routers, however routers ought to nonetheless be upgraded to the most recent accessible model.
The seller assures clients that the applying of the repair doesn’t disrupt the manufacturing site visitors and it ought to have a minimal impression of roughly 30 seconds of downtime for web-based administration and APIs.
No workarounds are avaialble for this vulnerability and the advisable motion is proscribed to making use of the accessible fixes.
Hackers concentrating on Juniper
Juniper merchandise are a beautiful goal for hackers as a result of vital and priceless environments they’re deployed.
Final 12 months, Juniper EX switches and SRX firewalls have been focused through an exploit chain involving 4 vulnerabilities, with the malicious exercise noticed lower than every week after the seller printed the associated bulletin.
A number of months later, CISA warned concerning the lively exploitation of the talked about flaws taking bigger proportions, urging federal companies and important organizations to use the safety updates inside the subsequent 4 days, an unusually quick deadline for CISA alerts.