June 27, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Lazarus aka Hidden Cobra APT Group – Active IOCs
June 28, 2024
Chinese and North Korean Threat Actors Use Ransomware to Target Global Infrastructure – Active IOCs
June 28, 2024
Lazarus aka Hidden Cobra APT Group – Active IOCs
June 28, 2024
Chinese and North Korean Threat Actors Use Ransomware to Target Global Infrastructure – Active IOCs
June 28, 2024
Severity
High
Analysis Summary
CVE-2024-2973
Juniper Networks Session Smart Router could allow a remote attacker to bypass security restrictions, caused by improper authentication validation when running with a redundant peer. By sending a specially crafted request, an attacker could exploit this vulnerability to bypass authentication and take full control of the device.
Impact
- Security Bypass
Indicators of Compromise
CVE
- CVE-2024-2973
Affected Vendors
Juniper
Affected Products
- Juniper Networks Session Smart Router 6.0
- Juniper Networks Session Smart Conductor 6.0
- Juniper Networks WAN Assurance Router 6.0
Remediation
Refer to Juniper Networks Security Advisory for patch, upgrade or suggested workaround information.