Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
SRX Series: Antivirus updates are downloaded without verification
Vulnerability Description
Juniper Networks Junos OS on SRX series devices do not verify the HTTPS server certificate before downloading anti-virus updates. This may allow a man-in-the-middle attacker to inject bogus signatures to cause service disruptions or make the device not detect certain types of attacks. Affected Junos OS releases are: 12.1X46 prior to 12.1X46-D71; 12.3X48 prior to 12.3X48-D55; 15.1X49 prior to 15.1X49-D110;
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Juniper SRX系列设备Junos OS 安全漏洞
Vulnerability Description
Juniper SRX series device是美国瞻博网络(Juniper Networks)公司的一系列防火墙产品。Junos OS是运行在其中的一套操作系统。 Juniper SRX系列设备上的Junos OS 12.1X46版本、12.3X48版本和15.1X49版本存在安全漏洞,该漏洞源于程序在下载防病毒更新之前,没有验证HTTPS服务器证书。攻击者可利用该漏洞实施中间人攻击,注入伪造的签名,造成拒绝服务(服务中止)或造成设备无法检测到攻击类型。
CVSS Information
N/A
Vulnerability Type
N/A