Some of the Juniper Networks Products has been also affected by the Critical Log4j Vulnerability that was discovered on Dec 10th. As of now no patch has been released by Juniper Networks but they have provided mitigations and workarounds for some of the products to prevent the exploitation of the vulnerability. Except the products listed below as Vulnerable, almost all other products are not Vulnerable but the Juniper Team is continuing to invest as per their latest advisory.
| Juniper Networks Product | Versions | Status | Patched |
|---|---|---|---|
| Cross Provisioning Platform | All | Vulnerable | Not Yet |
| Advanced Threat Prevention (JATP) | All | Not Vulnerable | Not Needed |
| AppFormix | All | Not Vulnerable | Not Needed |
| Apstra System | All | Not Vulnerable | Not Needed |
| BTI hardware platforms | All | Not Vulnerable | Not Needed |
| BTI ProNX PSM Software | All | Vulnerable | Not Yet |
| Connectivity Services Director | All | Not Vulnerable | Not Needed |
| Contrail Analytics | All | Not Vulnerable | Not Needed |
| Contrail Cloud | All | Not Vulnerable | Not Needed |
| Contrail Networking | All | Not Vulnerable | Not Needed |
| Contrail Service Orchestration | All | Not Vulnerable | Not Needed |
| CTPOS and CTPView | All | Not Vulnerable | Not Needed |
| ICEAAA Manager | All | Not Vulnerable | Not Needed |
| JATP Cloud | All | Not Vulnerable | Not Needed |
| JSA Series | All | Not Vulnerable | Not Needed |
| JSA Risk Manager | All | Vulnerable | Not Yet |
| JSA Series User Behavior Analytics | All | Vulnerable | Not Yet |
| Juniper Identity Management Services (JIMS) | All | Not Vulnerable | Not Needed |
| Juniper Mist Edge | All | Not Vulnerable | Not Needed |
| Juniper Sky Enterprise | All | Not Vulnerable | Not Needed |
| Junos Fusion | All | Not Vulnerable | Not Needed |
| Junos OS Evolved | All | Not Vulnerable | Not Needed |
| Junos OS | All | Not Vulnerable | Not Needed |
| Junos Space Network Management Platform | All | Vulnerable | Not Yet |
| Mist Access Points | All | Not Vulnerable | Not Needed |
| Mist WAN Assurance | All | Not Vulnerable | Not Needed |
| Mist AI | All | Not Vulnerable | Not Needed |
| Mist Wi-Fi Assurance | All | Not Vulnerable | Not Needed |
| Mist Wired Assurance | All | Not Vulnerable | Not Needed |
| Mist Premium Analytics | All | Not Vulnerable | Not Needed |
| Mist Marvis Virtual Network Assistant | All | Not Vulnerable | Not Needed |
| NorthStar Controller | All | Vulnerable | Not Yet |
| NorthStar Planner | All | Vulnerable | Not Yet |
| Network Director | All | Not Vulnerable | Not Needed |
| Network and Security Manager (NSM) | All | Vulnerable | Not Yet |
| Paragon Active Assurance | All | Not Vulnerable | Not Needed |
| Paragon Pathfinder | 21 & later | Vulnerable | Not Yet |
| Paragon Planner | 21 & later | Vulnerable | Not Yet |
| Paragon Insights | All | Not Vulnerable | Not Needed |
| Policy Enforcer | All | Not Vulnerable | Not Needed |
| SBR Carrier Edition | All | Not Vulnerable | Not Needed |
| ScreenOS | All | Not Vulnerable | Not Needed |
| SecIntel | All | Not Vulnerable | Not Needed |
| Security Director Insights | All | Not Vulnerable | Not Needed |
| Security Director | All | Not Vulnerable | Not Needed |
| Secure Analytics | All | Vulnerable | Not Yet |
| Session Smart Router (Formerly 128T) | All | Not Vulnerable | Not Needed |
| Satellite NOS | All | Not Vulnerable | Not Needed |
| Space SDK | All | Not Vulnerable | Not Needed |
| Standalone Log Collector 20.1 | All | Not Vulnerable | Not Needed |
| Virtual BLE | All | Not Vulnerable | Not Needed |
| WANDL IP/MPLSView | All | Vulnerable | Not Yet |
There has been some mitigation provided by the Juniper Networks Team for some of the products in the above link.