Juniper Support Portal Exposed Customer Device Information

Until earlier this week, the support website for the networking equipment vendor Juniper Networks disclosed potentially sensitive information about customer products, including which devices each customer had purchased, as well as each product’s warranty status, service contracts and serial numbers. Juniper said it has since fixed the problem, and that the unintended data exposure stemmed from a recent upgrade to its support portal.

Juniper Networks, based in Sunnyvale, Calif., manufactures high-powered Internet routers and switches, and its products are used by some of the world’s largest organizations. Earlier this week, KrebsOnSecurity heard from a reader responsible for managing multiple Juniper devices, who found that he could use Juniper’s customer support portal to look up device information and support contract details for other Juniper customers.

Logan George is a 17-year-old intern working for an organization that uses Juniper products. Speaking on the condition that his employer not be named, George said he discovered the data exposure earlier this week by accident while searching for support information on a particular Juniper product.

George discovered that after logging in with a regular customer account, the Juniper support website allowed him to list detailed information about almost any Juniper device purchased by other customers. A single search of the Juniper portal, for example, returned tens of thousands of records. Each record included the model and serial number of the device, the approximate location where it is installed, the status of the device and the associated support contract information.
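The defect described above is a missing object-level authorization check: the portal filtered device records by the search term but not by the account of the user asking. The following is an added example, not code from the article or from Juniper, that models the lookup in a few lines of Python with a constructed inventory, shows the vulnerable query beside the account-scoped fix, and adds the kind of audit signal a defender can compute from the portal’s own result logs (a user whose results keep touching other customers’ accounts). All serial numbers, models, account ids and user names are constructed.

```python
"""Toy model of a support-portal device lookup: vulnerable (filters only on the
product searched for) beside the fixed version (also filters on the caller's
account), plus a result-log check that flags cross-account enumeration.
Constructed example; not Juniper's code and not the article's."""
from collections import defaultdict
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Device:
    serial: str
    model: str
    account_id: str                 # the customer that owns the device
    contract_id: Optional[str]      # None: no active support contract


@dataclass(frozen=True)
class PortalUser:
    username: str
    account_id: str                 # the customer account the login belongs to


# Constructed inventory: two customer accounts, three devices.
INVENTORY = [
    Device("SN-0001", "EX4300", "acct-alpha", "CT-11"),
    Device("SN-0002", "EX4300", "acct-beta", None),
    Device("SN-0003", "MX204", "acct-beta", "CT-22"),
]


def search_devices_vulnerable(user: PortalUser, model: str, inventory=INVENTORY):
    """The defect: the query matches on the product only, so any logged-in
    user sees every customer's rows for that product."""
    return [d for d in inventory if d.model == model]


def search_devices_fixed(user: PortalUser, model: str, inventory=INVENTORY):
    """Object-level authorization: rows are scoped to the caller's own account
    inside the query, not filtered afterwards in the UI."""
    return [d for d in inventory
            if d.model == model and d.account_id == user.account_id]


def foreign_rows(user: PortalUser, rows) -> int:
    """Number of returned rows that belong to some other account. Should be 0
    for any customer login; useful as a regression test after portal upgrades."""
    return sum(1 for d in rows if d.account_id != user.account_id)


def flag_cross_account_users(result_log, max_foreign_accounts: int = 0):
    """result_log: iterable of (username, user_account_id, row_account_id),
    one entry per row the portal returned to that user (constructed format).
    Returns usernames whose results spanned more foreign accounts than allowed."""
    foreign = defaultdict(set)
    for username, user_acct, row_acct in result_log:
        if row_acct != user_acct:
            foreign[username].add(row_acct)
    return sorted(u for u, accts in foreign.items()
                  if len(accts) > max_foreign_accounts)


if __name__ == "__main__":
    alice = PortalUser("alice", "acct-alpha")
    leaked = search_devices_vulnerable(alice, "EX4300")
    print("vulnerable:", [d.serial for d in leaked], "foreign rows:",
          foreign_rows(alice, leaked))
    scoped = search_devices_fixed(alice, "EX4300")
    print("fixed:", [d.serial for d in scoped], "foreign rows:",
          foreign_rows(alice, scoped))
```

The fixed query is the important half: the account filter belongs in the data-access layer (or, for a Salesforce-style back end, in the object and sharing rules) so that a later front-end rewrite cannot silently drop it. The `foreign_rows` and `flag_cross_account_users` checks are the cheap verification that would have caught this class of regression in a staging run or in an audit of result logs.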

[Image caption] Information disclosed on the Juniper support portal. Columns not illustrated include Serial Number, Software Support Reference number, Product, Warranty Expiration Date and Contract ID.

George said the disclosed support contract information is potentially sensitive because it indicates which Juniper products are likely to lack critical security updates.

“If you don’t have a support contract you don’t get updates, it’s as simple as that,” George said. “Using the serial numbers, I can see which products are not under support contracts. And then I can track down where each device was shipped through their serial number tracking system, and can see everything being shipped to the same location. Many companies don’t update their switches regularly, and knowing what they use allows one to know what the possible attack vectors are.”

In a written statement, Juniper said the data exposure was the result of a recent upgrade to its support portal.

“We have been notified of an unintended issue that allowed registered users of our system to access serial numbers unrelated to their account,” the statement read. “We acted immediately to resolve this issue and have no reason to believe at this time that any identifiable or personal customer data has been exposed in any way. We take these matters very seriously and always use these experiences to prevent further similar incidents. We are actively working to determine the cause of this defect and thank the researcher for bringing it to our attention.”

The company has not yet responded to requests for information about exactly when the permissions oversight was introduced. However, the change may date back to September 2023, when Juniper announced it was rebuilding its customer support portal.

George told KrebsOnSecurity that the back end for Juniper’s support website appears to be powered by Salesforce, and that Juniper probably did not have the right user permissions configured in its Salesforce properties. In April 2023, KrebsOnSecurity published research showing that a surprising number of organizations – including banks, healthcare providers and state and local governments – were leaking private and sensitive data thanks to misconfigured Salesforce installations.

Nicholas Weaver, a researcher at the University of California, Berkeley’s International Computer Science Institute (ICSI) and lecturer at UC Davis, said that the complexity of modern tech support portals leaves a lot of room for error.

“It’s a reminder of how difficult it is to build these large systems like support portals, where you have to manage a gazillion users with different access roles,” Weaver said. “A minor messing around there can have ridiculous consequences.”

Last month, computer maker Hewlett Packard Enterprise announced it will buy Juniper Networks for $14 billion, a deal that will reportedly help boost the 100-year-old technology company’s artificial intelligence offerings.
