Vulnerability CVE-2014-3812


Published: 2014-06-13   Modified: 2014-06-16

Description:
The Juniper Junos Pulse Secure Access Service (SSL VPN) devices with IVE OS before 7.4r5 and 8.x before 8.0r1 and Junos Pulse Access Control Service (UAC) before 4.4r5 and 5.x before 5.0r1 enable cipher suites with weak encryption algorithms, which make it easier for remote attackers to obtain sensitive information by sniffing the network.

Type:

CWE-310

(Cryptographic Issues)

Vendor: Juniper
Product: Ive os 
Version: 8.0; 7.4;
Product: Unified access control software 
Version: 5.0; 4.4;
Product: Infranet controller 4000 
Product: Fips infranet controller 6500 
Product: Mag6611 gateway 
Product: Infranet controller 6000 
Product: Fips secure access 4500 
Product: Secure access 4500 
Product: Mag2600 gateway 
Product: Fips secure access 6500 
Product: Mag6610 gateway 
Product: Infranet controller 4500 
Product: Fips secure access 4000 
Product: Secure access 2500 
Product: Infranet controller 6500 
Product: Fips secure access 6000 
Product: Secure access 700 
Product: Mag4610 gateway 

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None

 References:
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10628

Related CVE
CVE-2019-0049
On Junos devices with the BGP graceful restart helper mode enabled or the BGP graceful restart mechanism enabled, a certain sequence of BGP session restart on a remote peer that has the graceful restart mechanism enabled may cause the local routing p...
CVE-2019-0048
On EX4300 Series switches with TCAM optimization enabled, incoming multicast traffic matches an implicit loopback filter rule first, since it has high priority. This rule is meant for reserved multicast addresses 224.0.0.x, but incorrectly matches on...
CVE-2019-0046
A vulnerability in the pfe-chassisd Chassis Manager (CMLC) daemon of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) to the EX4300 when specific valid broadcast packets create a broadcast storm condition when received ...
CVE-2019-0044
Receipt of a specific packet on the out-of-band management interface fxp0 may cause the system to crash and restart (vmcore). By continuously sending a specially crafted packet to the fxp0 interface, an attacker can repetitively crash the rpd process...
CVE-2019-0043
In MPLS environments, receipt of a specific SNMP packet may cause the routing protocol daemon (RPD) process to crash and restart. By continuously sending a specially crafted SNMP packet, an attacker can repetitively crash the RPD process causing prol...
CVE-2019-0041
On EX4300-MP Series devices with any lo0 filters applied, transit network traffic may reach the control plane via loopback interface (lo0). The device may fail to forward such traffic. This issue affects Juniper Networks Junos OS 18.2 versions prior ...
CVE-2019-0040
On Junos OS, rpcbind should only be listening to port 111 on the internal routing instance (IRI). External packets destined to port 111 should be dropped. Due to an information leak vulnerability, responses were being generated from the source addres...
CVE-2019-0039
If REST API is enabled, the Junos OS login credentials are vulnerable to brute force attacks. The high default connection limit of the REST API may allow an attacker to brute-force passwords using advanced scripting techniques. Additionally, administ...

Copyright 2019, cxsecurity.com

 

Back to Top