CISA Sets a Deadline - Patch Juniper Junos OS Flaws Before November 17
Nov 14, 2023
Cyber Attack / Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given a November 17, 2023, deadline for federal agencies and organizations to apply mitigations to secure against a number of security flaws in Juniper Junos OS that came to light in August. The agency on Monday added five vulnerabilities to the Known Exploited Vulnerabilities ( KEV ) catalog, based on evidence of active exploitation - CVE-2023-36844 (CVSS score: 5.3) - Juniper Junos OS EX Series PHP External Variable Modification Vulnerability CVE-2023-36845 (CVSS score: 5.3) - Juniper Junos OS EX Series and SRX Series PHP External Variable Modification Vulnerability CVE-2023-36846 (CVSS score: 5.3) - Juniper Junos OS SRX Series Missing Authentication for Critical Function Vulnerability CVE-2023-36847 (CVSS score: 5.3) - Juniper Junos OS EX Series Missing Authentication for Critical Function Vulnerability CVE-2023-36851 (CVSS score: 5.3) - Juniper Junos OS SRX Series Missing Authentication for Critical