Saturday, October 16, 2021

Juniper Junos OS: 2021-10 Security Bulletin: Junos OS: QFX5110 Series: Traffic from the network internal to the device (128.0.0.0) may be forwarded to egress interfaces (JSA11236) (CVE-2021-31371)

Description
Juniper Networks Junos OS uses the 128.0.0.0/2 subnet for internal communications between the RE and PFEs. It was discovered that packets utilizing these IP addresses may egress an QFX5110 switch, leaking configuration information such as heartbeats, kernel versions, etc. out to the Internet, leading to an information exposure vulnerability.
Solution(s)
  • juniper-junos-os-upgrade-latest


  • References
  • https://attackerkb.com/topics/cve-2021-31371
  • CVE - 2021-31371
  • JSA11236




  •  

    Copyright © 2021 Vulnerability Database | Cyber Details™

    thank you Templateism for the design - You should have written the code a little more complicated - Nothing Encrypted anymore