
Juniper releases out-of-cycle patch for maximum severity vulnerability

Juniper Networks has released an emergency update to resolve a maximum-severity security vulnerability that allows authentication bypass in Session Smart Router (SSR), Session Smart Conductor, and WAN Assurance Router products.

The security issue is tracked as CVE-2024-2973; an attacker can exploit it to take complete control of the device.


“An authentication bypass vulnerability using an alternate path or channel in a Juniper Networks Session Smart Router or Session Smart Conductor running with a redundant peer device could allow a network attacker to bypass authentication and take complete control of the device,” the vulnerability description reads.

“This vulnerability only affects routers and conductors operating in high-availability redundant configurations,” Juniper notes in its security advisory.

Network administrators use “high availability redundant configurations” where service continuity is critical. This configuration is necessary to maintain uninterrupted services and increase resilience to unforeseen, disruptive events.

Therefore, a vulnerable configuration is quite common in mission-critical network infrastructures, including large enterprise environments, data centers, telecommunications, e-commerce, and government and public institutions.

The product versions affected by CVE-2024-2973 are:

Session Smart Router and Session Smart Conductor:

  • All versions before 5.6.15
  • From 6.0 before 6.1.9-lts
  • From 6.2 before 6.2.5-sts

WAN Assurance Router:

  • Versions 6.0 before 6.1.9-lts
  • Versions 6.2 before 6.2.5-sts

Security updates have been released for Session Smart Router versions 5.6.15, 6.1.9-lts, and 6.2.5-sts.
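The affected and fixed version lists above are easy to misread when a fleet mixes 5.6.x, 6.1.x-lts and 6.2.x-sts builds, and the advisory's scoping to high-availability deployments matters for prioritisation. The following added example (not part of this article or of any Juniper tooling) encodes the ranges exactly as stated above and checks a constructed inventory against them. The inventory entries, the `ha` flag and the `SSR-` prefix handling are assumptions for the example; the version ranges come from the article.

```python
import re
from typing import Dict, List, Optional, Tuple

Version = Tuple[int, int, int]
# (low inclusive, high exclusive); low=None means "all versions below high".
Range = Tuple[Optional[Version], Version]

# Affected ranges as listed in the advisory. The -lts/-sts suffixes
# name release trains, not ordering, so only the numeric part is compared.
AFFECTED: Dict[str, List[Range]] = {
    "ssr":           [(None, (5, 6, 15)), ((6, 0, 0), (6, 1, 9)), ((6, 2, 0), (6, 2, 5))],
    "conductor":     [(None, (5, 6, 15)), ((6, 0, 0), (6, 1, 9)), ((6, 2, 0), (6, 2, 5))],
    "wan-assurance": [((6, 0, 0), (6, 1, 9)), ((6, 2, 0), (6, 2, 5))],
}

# Accepts "6.1.8-lts", "SSR-6.2.4", "5.6" (patch defaults to 0). The "SSR-"
# prefix form is an assumption modelled on the article's "SSR-6.1.9" wording.
VERSION_RE = re.compile(r"^(?:SSR-)?(\d+)\.(\d+)(?:\.(\d+))?(?:-(?:lts|sts))?$", re.IGNORECASE)


def parse_version(text: str) -> Version:
    """Reduce a Juniper SSR version string to a comparable (major, minor, patch) tuple."""
    m = VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return int(m.group(1)), int(m.group(2)), int(m.group(3) or 0)


def is_affected_version(product: str, version: str) -> bool:
    """True if the version falls inside one of the advisory's affected ranges."""
    v = parse_version(version)
    return any((low is None or v >= low) and v < high for low, high in AFFECTED[product])


def assess(product: str, version: str, ha: bool) -> str:
    """Classify one device.

    'vulnerable'   - affected version and running with a redundant peer
    'not_exposed'  - affected version, but standalone (advisory scopes the bug to HA setups);
                     still worth patching, just lower urgency
    'not_affected' - version outside every affected range
    """
    if not is_affected_version(product, version):
        return "not_affected"
    return "vulnerable" if ha else "not_exposed"


def triage(inventory: List[Dict[str, object]]) -> Dict[str, List[str]]:
    """Group device names by assessment so the 'vulnerable' bucket can be patched first."""
    buckets: Dict[str, List[str]] = {"vulnerable": [], "not_exposed": [], "not_affected": []}
    for dev in inventory:
        status = assess(str(dev["product"]), str(dev["version"]), bool(dev["ha"]))
        buckets[status].append(str(dev["name"]))
    return buckets


# Constructed sample inventory (not real devices).
SAMPLE_INVENTORY = [
    {"name": "edge-rtr-01",   "product": "ssr",           "version": "6.1.8-lts", "ha": True},
    {"name": "edge-rtr-02",   "product": "ssr",           "version": "6.1.9-lts", "ha": True},
    {"name": "lab-rtr-03",    "product": "ssr",           "version": "5.6.14",    "ha": False},
    {"name": "conductor-a",   "product": "conductor",     "version": "6.2.4-sts", "ha": True},
    {"name": "branch-wan-07", "product": "wan-assurance", "version": "SSR-6.2.5", "ha": True},
    {"name": "branch-wan-08", "product": "wan-assurance", "version": "5.6.14",    "ha": True},
]

if __name__ == "__main__":
    for status, names in triage(SAMPLE_INVENTORY).items():
        print(f"{status:13s} {', '.join(names) or '-'}")
```

Note the two deliberate edge cases: a 5.6.x build at or above 5.6.15 is outside every listed range even though it predates 6.0, and the WAN Assurance list carries no "all versions before 5.6.15" entry, so the same 5.6.14 string is flagged on an SSR but not on a WAN Assurance router. The `ha` flag should come from the device's actual redundancy configuration, not from a naming convention.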

WAN Assurance routers are updated automatically when connected to Mist Cloud, but administrators of highly available clusters must upgrade to SSR-6.1.9 or SSR-6.2.5.

Juniper also notes that updating Conductor nodes is enough to automatically apply the patch to connected routers, but routers should still be updated to the latest available version.

The vendor assures customers that applying the patch will not disrupt production traffic and will result in minimal downtime of approximately 30 seconds to web management and APIs.

There is no workaround for this vulnerability. Recommended actions are limited to applying available patches.

Hackers attacking Juniper

Juniper products are attractive targets for hackers because of the critical and valuable environments in which they are deployed.

Last year, Juniper EX switches and SRX firewalls were targeted by an exploit chain involving four vulnerabilities, with malicious activity observed less than a week after the vendor published a related bulletin.

Months later, CISA warned of active exploitation of the aforementioned vulnerabilities on a larger scale, urging federal agencies and mission-critical organizations to apply security updates within the next four days, an extremely tight deadline for CISA alerts.