Patch/Configuration Management, Vulnerability Management

Oversight Committee seeks response from agencies about Juniper

In response to the critical vulnerability found in the ScreenOS hardware firewall device's illicit code announced by Juniper Networks last month, the U.S. Senate's Committee on Oversight and Government Reform has requested information from 24 federal agencies and government departments.

The committee sent letters to the department head of each of the government departments emphasizing the urgent nature of Juniper's announced “unauthorized code that could allow a knowledgeable attacker to gain administrative access” to certain devices and “decrypt VPN connections.”

The oversight committee asked for information about the firewalls used by each department and set a two week deadline for agencies to respond. The commission requested information from affected agencies about when they deployed Juniper's patch.

Letters were sent to the major U.S. departments and agencies, including the Department of Defense, Nuclear Regulatory Commission, Department of State and Department of Veteran Affairs.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds