Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

Device Vulnerabilities

You can stay informed about the vulnerabilities impacting your onboarded Juniper Network devices through Juniper's security advisories and known issues report.

The Juniper Networks Security Incident Response Team (SIRT) advisories provide you information on the vulnerabilities and security risks impacting your device. The Proactive Bug Notifications (PBNs) notify you about known software issues impacting your device. These insights help you to effectively plan software upgrades, proactively mitigate identified concerns, maintain optimal device performance, and enhance your overall support experience.

You can view these insights from the SIRT and PBN tabs of the Router Details page.

SIRT Advisories

Juniper Networks Security Incident Response Team (SIRT) periodically issues advisories to inform you about security vulnerabilities and available fixes for Juniper Networks products and services. For more information, see KB16613.

To view security advisories published for a device in Juniper Routing Assurance, navigate to Organization > Inventory > Routers > Router: Router-Name. Click the SIRT tab to view information on the security vulnerabilities advisories published by the SIRT team for the device. The tab displays information on the Common Vulnerability Scoring System (CVSS) severity assessment score, OS versions impacted, solutions, and so on.

Remember:

The device must be in the cloud-connected state to view a list of security vulnerabilities specific to the type of Juniper Networks device and the Junos OS version installed.

The Security Incidence Response Team Tickets page for a device displays an insights bar with the total counts and percentages of critical, high, medium, and unassigned vulnerabilities for the device. You can filter the advisories relevant to the device based on the severity level. Click a severity level criterion on the bar to filter the advisories for that level. For example, if you click the Critical count or the Critical Vulnerabilities percentage criteria, the advisories are filtered to display only the critical advisories for the device.

From the Security Incidence Response Team Tickets page, select an entry to view the Device SIRT Quick View pane. The Device SIRT Quick View pane displays detailed information about the advisory.

For more information on the fields on the Security Incidence Response Team Tickets page and Device SIRT Quick View pane, see Table 1.

Proactive Bug Notifications (PBNs)

Juniper Networks notifies you about known software issues through Proactive Bug Notifications (PBNs), ensuring you are aware of issues that might impact or interrupt network performance.

To view known issues impacting a device in Juniper Routing Assurance, navigate to Organization > Inventory > Routers > Router: Router-Name. Click the PBN tab to view information on the known software issues impacting the device. The tab displays information on the potential impact and risk for the customer network, OS version in which the issue is fixed, an assessment and recommendation on the potential network impact, and so on.

Remember:

The device must be in the cloud-connected state to view the list of known software issues relevant to the type of Juniper Networks device and the Junos OS version installed.

The Proactive Bug Notifications page displays an insights bar with the total counts and percentages of critical, major, and minor known software issues for the device. You can filter Proactive Bug Notifications for a device based on the risk level. Click a risk level criterion on the banner to filter the Proactive Bug Notifications for that level. For example, if you click the Critical count or the Critical Customer Risk percentage criteria, the advisories are filtered to display only the critical customer risk Proactive Bug Notifications for the device. The risk level filters in the insights bar make it easy to identify devices that need a software upgrade.

From the Proactive Bug Notifications page, select an entry to view the Device PBN Quick View pane. The Device PNB Quick View pane displays detailed information about the known issue.

For more information on the fields on the Proactive Bug Notifications page and Device Quick View pane, see Table 2.

Field Descriptions

Table 1: Fields on the SIRT Tab of the Router Details Page
Field Description
JSA ID Unique value that identifies the security advisory on Juniper Networks Support Portal.
Title Synopsis of the security advisory.
Severity Severity rating of the security advisory. The values are:

  • Critical

  • High

  • Medium

  • Unassigned
CVSS Score Common Vulnerability Scoring System (CVSS) severity assessment score of the advisory in the range of 0-10.
OS Versions Affected Junos or Junos Evo versions affected by the security advisory.
Release Date Date on which the security advisory was first published.
JSA Updated Date Date on which the security advisory was last updated.
Problem Description of the security advisory.
Solution Solution for the security vulnerability described in the advisory.
Workaround Detailed explanation on how to temporarily resolve the problem.
Affected Models Device models affected by the security advisory.
Affected Series Identifies one or more product series affected by the security advisory.
Release Notes Short description of the security advisory.
Table 2: Fields on the PBN Tab of the Router Details Page
Field Description
ID Unique value that identifies the Problem Report.
Headline Synopsis of the problem.
Customer Risk Classification of the potential impact to the customer if the bug was encountered in the network. The values include:

  • Critical—Conditions that could severely affect service, capacity or traffic, billing, and maintenance capabilities.

  • Major—Conditions that could seriously affect system operation, maintenance, administration, and so on.

  • Minor—Conditions that would not significantly impair the functioning of the network or significantly affect services.
Bug Type Indicates the phase or activity during which the problem was discovered. Example: Day-1.
Trigger Describes the events that happened before or at the time the problem occurred, or the event that caused the problem.
Restoration Indicates how the service can be restored when the problem occurs.

Values include:

  • Self-recovery—Service, traffic, or operation disruptions are automatically restored without any user intervention.

  • Not-possible—It is not possible to restore the service or traffic.

  • Manual—User intervention is required to restore the service, traffic, or operation disruption.
Release Notes Short description of the problem.
Fixed In Junos or Junos Evo release in which the problem was resolved.
Restoration Steps Steps to restore the service when the problem occurs.
Workaround Detailed explanation of how to temporarily resolve the problem until a permanent resolution is available.
Introduced In Junos or Junos Evo release where the problem was first found and reported.
Workaround Provided Indicates whether a workaround for the problem is provided or not.

Values include:

  • Yes—Workaround is available and is described in the Workaround field.

  • Not-possible—There are no workarounds to the problem.
Product Family Identifies one or more products affected by the problem.