Original Issue Date: May 17, 2021
Severity Rating: MEDIUM
Software Affected
Juniper Networks Mist Access Point Firmware:
- 0.5 versions prior to 0.5.17562 on AP21, AP41, AP61 Series;
- 0.6 versions prior to 0.6.19227 on AP43, AP63 Series;
- 0.7 versions prior to 0.7.20564 on AP41, AP43, AP61, AP63 Series;
- 0.8 versions prior to 0.8.21602 on AP12, AP32, AP33, AP41, AP43, AP61, AP63 Series;
- 0.9 versions prior to 0.9.22801 on AP12, AP32, AP33, AP41, AP43, AP61, AP63 Series.
- Wi-Fi Mini-Physical Interface Module (Mini-PIM) for branch SRX Series Services Gateways.
Overview
Multiple vulnerabilities have been reported in Juniper Wi-Fi devices which could allow an attacker to inject arbitrary packets/data frames and cause denial-of-service attack on affected devices.
Description
- These Vulnerabilities exist in Juniper Wi-Fi devices that could allow the attacker to inject arbitrary network packets/data frames on affected devices. An attacker could exploit these vulnerabilities by conducting man-in-the-middle (MITM) attacks through injecting arbitrary packets in protected Wi-Fi networks.
- Successful exploitation of these vulnerabilities could allow the attacker to inject arbitrary network packets/data frames which could be used to spoof servers and cause denial-of-service attack on affected devices.
Solution
Apply appropriate updates as mentioned in:
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11170&cat=SIRT_1&actp=LIST
Vendor Information
Juniper
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11170&cat=SIRT_1&actp=LIST
References
Juniper https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11170&cat=SIRT_1&actp=LIST
Disclaimer
The information provided herein is on “as is” basis, without warranty of any kind.