I opened a JTAC case for an official response, but the best I got out of the engineer currently is that they're aware of the issue and their security team is reviewing it.
this is the same answer I received earlier today. I hope someonething is released quickly as this vuln is actively being exploited.
The Juniper Networks Security Incident Response Team (SIRT) is aware of the vulnerability and working on fixes to address potential risks to some Juniper products. A Juniper Security Advisory will be published soon and updated as new details become available. We encourage our customers to contact JuniperÕs Customer Support Center for detailed advisories and product updates. We work with customers running vulnerable products very closely to ensure they take the appropriate steps we have identified and deploy any necessary updates or mitigations in a timely manner.
We will post news and bulletins here once they become available.
I'd like to know this too - can we sign up to Juniper SIRT notifications somewhere, so we can see the update as soon as its published?
Actually think i found how to subscribe to security alerts via "my subscriptions" from your account settings...
Well that is very helpful, only thing is that there is no IVEOS 7.3 for download on the software download page for SA and MAG series SSL-VPN, what now?