Multiple Juniper security updates

Number: AV16-167
Date: 19 October 2016

Purpose

The purpose of this advisory is to bring attention to multiple Juniper system security updates.

Assessment

Juniper has released security updates to address multiple vulnerabilities in Juniper products. The exploitation of these vulnerabilities could result in the remote execution of arbitrary code, denial of service, affect the integrity IntegrityThe ability to protect information from being modified or deleted unintentionally or when it’s not supposed to be. Integrity helps determine that information is what it claims to be. Integrity also applies to business processes, software application logic, hardware, and personnel. of files and folders.

Impacted products:

  • Juniper Juno OS
  • vMX (Virtual MX Series router)
  • JUNOSe with IPv6 enabled
  • Junos OS with J-Web enabled
  • Junos OS with IPv6 enabled
  • CTPView prior to 7.1R3, 7.3R1
  • Junos Space before 15.2R2

CVE Numbers:

CVE-2013-0169, CVE-2016-4926, CVE-2016-4927, CVE-2016-4928, CVE-2016-4929, CVE-2016-4930, CVE-2016-4931, CVE-2011-0997, CVE-2011-2748, CVE-2011-2749, CVE-2012-3571, CVE-2013-0791, CVE-2013-1620, CVE-2013-1739, CVE-2013-1741, CVE-2013-2596, CVE-2013-5605, CVE-2013-5606, CVE-2013-5607, CVE-2014-1490, CVE-2014-1491, CVE-2014-1492, CVE-2014-1545, CVE-2014-1568, CVE-2015-1794, CVE-2015-2151, CVE-2015-3193, CVE-2015-3194, CVE-2015-3195, CVE-2015-3196, CVE-2015-5364, CVE-2015-5366, CVE-2016-4921, CVE-2016-4923, CVE-2016-4925, CVE-2016-4924, CVE-2016-4922

Suggested Action

CCIRC recommends that owner/operators test and deploy the vendor released updates or workarounds to affected platforms accordingly.

References:

Juniper Security Bulletins

Date modified: