Security

Juniper releases emergency patch for critical authentication bypass

A network-based attacker can completely bypass authentication on devices running in high-availability redundant configurations.
By Alex Ivanovs 1 min read
Juniper releases emergency patch for critical authentication bypass

Juniper Networks, a leading networking equipment manufacturer, has issued an emergency patch to address a critical security flaw in several of its products. The vulnerability, identified as CVE-2024-2973, affects Session Smart Router, Session Smart Conductor, and WAN Assurance Router devices.

The security issue, which Juniper discovered internally, allows attackers to bypass authentication and potentially gain full control over affected devices. Juniper has assigned the vulnerability the highest severity rating of 10.0 on a scale of 1 to 10.

CVE-2024-2973

The vulnerability specifically impacts devices running in high-availability redundant configurations, a setup commonly used in mission-critical network infrastructures across various sectors including large enterprises, data centers, telecommunications, e-commerce, and government services.

Affected product versions include:

  • Session Smart Router and Conductor: All versions before 5.6.15, from 6.0 before 6.1.9-lts, and from 6.2 before 6.2.5-sts
  • WAN Assurance Router: 6.0 versions before 6.1.9-lts and 6.2 versions before 6.2.5-sts

Juniper has released security updates for Session Smart Router in versions 5.6.15, 6.1.9-lts, and 6.2.5-sts. WAN Assurance Routers connected to the Mist Cloud will be patched automatically, though administrators of High-Availability clusters need to manually upgrade to SSR-6.1.9 or SSR-6.2.5.

The company assures us that applying the fix will have minimal impact. Web-based management and APIs will experience approximately 30 seconds of downtime. No workarounds are available, making the patch application the only recommended action.

In 2023, Juniper products were targeted by hackers exploiting a chain of four vulnerabilities in EX switches and SRX firewalls. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) subsequently issued an alert about the active exploitation of these flaws, emphasizing the critical nature of timely patching in network security.

As of now, Juniper reports no known exploitation of the CVE-2024-2973 vulnerability in the wild. However, given the flaw’s critical nature and the high-value targets that typically use Juniper products, the company strongly urges customers to install the available updates promptly.

Alex Ivanovs

Alex is the lead editor at Stack Diary and covers stories on tech, artificial intelligence, security, privacy and web development. He previously worked as a lead contributor for Huffington Post for their Code column.