Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Junos OS: SRX Series: Credentials exposed when using HTTP and HTTPS Firewall Pass-through User Authentication
Vulnerability Description
When an SRX Series device is configured to use HTTP/HTTPS pass-through authentication services, a client sending authentication credentials in the initial HTTP/HTTPS session is at risk that these credentials may be captured during follow-on HTTP/HTTPS requests by a malicious actor through a man-in-the-middle attack or by authentic servers subverted by malicious actors. FTP, and Telnet pass-through authentication services are not affected. Affected releases are Juniper Networks SRX Series: 12.1X46 versions prior to 12.1X46-D67 on SRX Series; 12.3X48 versions prior to 12.3X48-D25 on SRX Series; 15.1X49 versions prior to 15.1X49-D35 on SRX Series.
CVSS Information
N/A
Vulnerability Type
敏感数据的明文传输
Vulnerability Title
Juniper SRX Series Junos OS 安全漏洞
Vulnerability Description
Juniper SRX Series是美国瞻博网络(Juniper Networks)公司的一款SRX系列防火墙设备。Junos OS是运行在其中的一套操作系统。 Juniper SRX Series上的Junos OS中存在安全漏洞。攻击者可通过实施中间人攻击利用该漏洞捕获身份验证凭证。以下版本受到影响:Junos OS 12.1X46-D67之前的12.1X46版本,12.3X48-D25之前的12.3X48版本,15.1X49-D35之前的15.1X49版本。
CVSS Information
N/A
Vulnerability Type
N/A