Support Support Downloads Knowledge Base Juniper Support Portal Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

19.2R1-S8: Software Release Notification for JUNOS Software Version 19.2R1-S8

0

0

Article ID: TSB18197 TECHNICAL_BULLETINS Last Updated: 02 Nov 2021Version: 1.0
Alert Type:
SRN - Software Release Notification
Product Affected:
ACX, EX, MX, PTX, QFX, NFX, SRX, VRR, vMX, vSRX
Alert Description:
Junos Software Service Release version 19.2R1-S8 is now available for download from the Junos software download site
Download Junos Software Service Release:
  1. Go to Junos Platforms - Download Software page
  2. Input your product in the "Find a Product" search box
  3. From the Type/OS drop-down menu, select Junos SR
  4. From the Version drop-down menu, select your version
  5. Click the Software tab
  6. Select the Install Package as need and follow the prompts
Risk Risk Description
Low/Notification - No defined time impact to take action Software Release Notification
Impact Impact Description
Low/Notification - Monitor the situation but no action needed Software Release Notification

Solution:

Junos Software service Release version 19.2R1-S8 is now available.

19.2R1-S8 - List of Fixed issues

PR Number Synopsis Category: Marvell based EX PFE ACL
1611480 The fxpc process might crash and generate core
Product-Group=junos
On EX4600/QFX5K platforms, the fxpc process might crash and generate core when router-advertisement-guard is configured under DHCP (Dynamic Host Configuration Protocol) forwarding-options.
PR Number Synopsis Category: EX2300/3400 PFE
1542530 Junos OS: EX2300, EX3400 and EX4300 Series: An Aggregated Ethernet (AE) interface will go down due to a stream of specific layer 2 frames (CVE-2021-31365)
Product-Group=junos
An Uncontrolled Resource Consumption vulnerability in Juniper Networks Junos OS on EX2300, EX3400 and EX4300 Series platforms allows an adjacent attacker sending a stream of layer 2 frames will trigger an Aggregated Ethernet (AE) interface to go down and thereby causing a Denial of Service (DoS) Refer to https://kb.juniper.net/JSA11227 for more information.
PR Number Synopsis Category: Border Gateway Protocol
1463306 Junos OS: Receipt of a specific BGP update may cause RPKI policy-checks to be bypassed (CVE-2021-31375)
Product-Group=junos
An Improper Input Validation vulnerability in routing process daemon (RPD) of Juniper Networks Junos OS devices configured with BGP origin validation using Resource Public Key Infrastructure (RPKI); Refer to https://kb.juniper.net/JSA11240 for more information.
PR Number Synopsis Category: FreeBSD Kernel Infrastructure
1602005 Upgrade might fail when upgrading from legacy release
Product-Group=junos
On all platforms (For SRX, only SRX5k with RE-1800x4) while directly upgrading from Junos with FreeBSD 6 (e.g. 15.1X49 or before) to the affected releases, the system will check the USB connection. The upgrading will fail if there is no USB device detected during the upgrading process.
 

19.2R1-S8 - List of Known issues

PR Number Synopsis Category: Security platform jweb support
1449280 Junos OS: Stored Cross-Site Scripting (XSS) vulnerability in captive portal (CVE-2021-31355)
Product-Group=junos
A persistent cross-site scripting (XSS) vulnerability in the captive portal graphical user interface of Juniper Networks Junos OS may allow a remote authenticated user to inject web script or HTML and steal sensitive data and credentials from a web administration session, possibly tricking a follow-on administrative user to perform administrative actions on the device; Refer to https://kb.juniper.net/JSA11220 for more information.
1594516 Junos OS: J-Web allows a locally authenticated attacker to escalate their privileges to root. (CVE-2021-31372)
Product-Group=junos
An Improper Input Validation vulnerability in J-Web of Juniper Networks Junos OS allows a locally authenticated J-Web attacker to escalate their privileges to root over the target device.
PR Number Synopsis Category: VSRX platform software
1603199 Junos OS: When using J-Web with HTTP an attacker may retrieve encryption keys via Person-in-the-Middle attacks. (CVE-2021-31386)
Product-Group=junos
A Protection Mechanism Failure vulnerability in the J-Web HTTP service of Juniper Networks Junos OS allows a remote unauthenticated attacker to perform Person-in-the-Middle (PitM) attacks against the device. Refer to https://kb.juniper.net/JSA11254 for more information.
 
Modification History:
First publication 2021-11-02
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search