Log in to ask questions, share your expertise, or stay connected to content you value. Don’t have a login? Learn how to become a member.
The web article here: https://supportportal.juniper.net/s/article/2023-08-Out-of-Cycle-Security-Bulletin-Junos-OS-SRX-Series-and-EX-Series-Multiple-vulnerabilities-in-J-Web-can-be-combined-to-allow-a-preAuth-Remote-Code-Execution?language=en_USSays the only mitigation for now is disable the web interface (from public view)But for users of PulseSecure -- it would seem https still needs to be open on the internet facing zone interface. Am I understanding this correctly OR can web-management be excluded from public view while Dialup/Dynamic VPN users can still connect to the firewall to access protected resources?Thanks, -Ben