Skip to main content

Juniper Releases Security Updates for Multiple Products

Scheduled updates for Juniper Networks products with updated Log4j2 advisory

Report a cyber attack: call 0300 303 5222 or email carecert@nhsdigital.nhs.uk

Summary

Scheduled updates for Juniper Networks products with updated Log4j2 advisory


The following platforms are also known to be affected:

Multiple other platforms are affected. Please review the Juniper Networks security advisories page for more information.

Threat details

Introduction

Juniper Networks has released 36 security updates to address multiple vulnerabilities in various Juniper products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

Juniper Networks also updated their out-of-cycle Log4j2 2021-12 Out of Cycle Security Advisory - Multiple Products: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints. (CVE-2021-44228, CVE-2021-4104, CVE-2021-45046 and CVE-2021-42550).


Remediation advice

Organisations are encouraged to review Juniper Networks' security advisories page and apply the necessary updates.


Last edited: 17 January 2022 4:43 pm