Juniper Networks Junos OS Evolved
cpe:2.3:o:juniper:junos_os_evolved:*:*:*:*:*:*:*
- < 21.2R3-S8-EVO
- >= 21.4-EVO, < 21.4R3-S7-EVO
- >= 22.2-EVO, < 22.2R3-S4-EVO
- >= 22.3-EVO, < 22.3R3-S3-EVO
- >= 22.4-EVO, < 22.4R3-S2-EVO
- >= 23.2-EVO, < 23.2R2-EVO
A missing authentication for critical function vulnerability has been identified in Juniper Networks Junos OS Evolved, specifically on PTX Series routers. It affects all versions prior to 21.2R3-S8-EVO, as well as certain 21.4-EVO, 22.2-EVO, 22.3-EVO, 22.4-EVO, and 23.2-EVO versions. A local, authenticated attacker with low privileges can gain unauthorized access to the Flexible PIC Concentrators (FPCs) installed in the device, potentially leading to a full compromise of the affected component.
Exploitation of this vulnerability could result in unauthorized access to FPCs, allowing a low-privileged user to act as a high-privileged user, with the potential for a complete compromise of the affected component.
Users can upgrade to Junos OS Evolved versions 21.2R3-S8-EVO, 21.4R3-S7-EVO, 22.2R3-S4-EVO, 22.3R3-S3-EVO, 22.4R3-S2-EVO, 23.2R2-EVO, 23.4R1-EVO, or any subsequent release. For those on versions beyond End of Engineering or End of Life, consult Juniper's vulnerability fix release guidance.
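To check a device's reported release against the affected ranges listed above, the following added example (not code from Juniper or from this page) compares release strings numerically. It assumes release strings of the form `22.4R3-S2.5-EVO` and ignores the trailing build number.

```python
import re

# Affected ranges as listed on this page: (lower bound inclusive, upper bound exclusive).
AFFECTED_RANGES = [
    (None, "21.2R3-S8-EVO"),
    ("21.4-EVO", "21.4R3-S7-EVO"),
    ("22.2-EVO", "22.2R3-S4-EVO"),
    ("22.3-EVO", "22.3R3-S3-EVO"),
    ("22.4-EVO", "22.4R3-S2-EVO"),
    ("23.2-EVO", "23.2R2-EVO"),
]

# Assumed release format: <major>.<minor>[R<n>][-S<n>][.<build>]-EVO
_RELEASE = re.compile(r"^(\d+)\.(\d+)(?:R(\d+))?(?:-S(\d+))?(?:\.\d+)?-EVO$")


def release_key(release):
    """Turn a release string into a comparable (major, minor, R, S) tuple."""
    m = _RELEASE.match(release.strip())
    if m is None:
        raise ValueError(f"not a Junos OS Evolved release string: {release!r}")
    # A missing R or S part sorts as 0; the build number is ignored (assumption).
    return tuple(int(part or 0) for part in m.groups())


def matching_range(release):
    """Return the (low, high) range from the page that contains `release`, or None."""
    key = release_key(release)
    for low, high in AFFECTED_RANGES:
        if (low is None or release_key(low) <= key) and key < release_key(high):
            return (low, high)
    return None


if __name__ == "__main__":
    # Constructed sample inventory, not taken from real devices.
    for rel in ["21.2R3-S7-EVO", "22.4R3-S1.4-EVO", "22.4R3-S2-EVO", "23.4R1-EVO"]:
        hit = matching_range(rel)
        verdict = f"affected, fixed in {hit[1]}" if hit else "no listed range matches"
        print(f"{rel:18} {verdict}")
```

A `None` result means only that no range listed on this page matches; release trains the page does not list (such as 22.1-EVO) are not evaluated by it.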