Juniper Networks has shipped fixes for crucial insects inherited from third-party device, as a part of its first massive cargo of patches in 2023.
The trojan horse implies that programs the use of a prone model of Apache Commons Textual content may well be susceptible to far off code execution (RCE).
âThis factor impacts Juniper Networks Safety Danger Reaction Supervisor (STRM) variations previous to 7.5.0UP4 on JSA Sequence,” Juniperâs advisory said.
STRM 7.5.0UP4 and all next releases use a patched model of Apache Commons Textual content.
In a separate advisory, Juniper mentioned it has additionally up to date the libexpat library it makes use of in its Junos OS working gadget in opposition to 15 insects, seven of which can be rated crucial (CVSS rating of 9.8 in every case). The problem impacts âall variations of Junos OSâ, the advisory mentioned.
Fixes were shipped for all affected Junos OS construct collection.