SRX Series: A crafted packet may lead to information disclosure and firewall rule bypass during compilation of IDP policies.

On SRX Series devices during compilation of IDP policies, an attacker sending specially crafted packets may be able to bypass firewall rules, leading to information disclosure which an attacker may use to gain control of the target device or other internal devices, systems or services protected by the SRX Series device. This issue only applies to devices where IDP policies are applied to one or more rules. Customers not using IDP policies are not affected. Depending on if the IDP updates are automatic or not, as well as the interval between available updates, an attacker may have more or less success in performing reconnaissance or bypass attacks on the victim SRX Series device or protected devices. ScreenOS with IDP is not vulnerable to this issue. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D60 on SRX; 12.3X48 versions prior to 12.3X48-D35 on SRX; 15.1X49 versions prior to 15.1X49-D60 on SRX.

N/A

N/A

Juniper SRX系列设备Junos OS 信息泄露漏洞

Juniper SRX Series devices是美国瞻博网络（Juniper Networks）公司的一个SRX系列网关设备。Junos OS是使用在其中的操作系统。该操作系统提供了安全编程接口和Junos SDK。 Juniper SRX系列设备上的Junos OS 12.1X46版本、12.3X48版本和15.1X49版本（使用IDP策略）中存在信息泄露漏洞。远程攻击者可通过发送特制的数据包利用该漏洞绕过防火墙规则，获取信息，从而控制目标设备或其他内部设备，及受SRX系列产品保护的系统和服务。

N/A

N/A