Juniper Networks released urgent updates for high-severity flaws (CVE-2024-21619 and CVE-2024-21620) in SRX Series and EX Series. CVE-2024-21619 (CVSS 5.3) involves Missing Authentication. CVE-2024-21620 (CVSS 8.8) is a Cross-site Scripting vulnerability, which allows attackers to execute commands with target permissions. Juniper Networks also addressed CVE-2023-36846 and CVE-2023-36851, both related to Missing Authentication for Critical Function. Users are advised to apply updates promptly or consider workarounds.
You Might Be Interested In
- Change Health: New Details, Breach Sets Records
- MacOS Backdoor in Pirated Popular Software Versions
- Chrome Flaws May Lead to Arbitrary Code Execution
- 15 Million Trello Users’ Data for Sale
- New Anatsa Banking Trojans Hit European Android Users
- Microsoft Resolves 149 Vulnerabilities in Major April Update