Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
SRX5000 Series: Denial of Service vulnerability in SSL-Proxy feature.
Vulnerability Description
SSL-Proxy feature on SRX devices fails to handle a hardware resource limitation which can be exploited by remote SSL/TLS servers to crash the flowd daemon. Repeated crashes of the flowd daemon can result in an extended denial of service condition. For this issue to occur, clients protected by the SRX device must initiate a connection to the malicious server. This issue affects: Juniper Networks Junos OS on SRX5000 Series: 12.3X48 versions prior to 12.3X48-D85; 15.1X49 versions prior to 15.1X49-D180; 17.3 versions prior to 17.3R3-S7; 17.4 versions prior to 17.4R2-S6, 17.4R3; 18.1 versions prior to 18.1R3-S8; 18.2 versions prior to 18.2R3; 18.3 versions prior to 18.3R2; 18.4 versions prior to 18.4R2; 19.1 versions prior to 19.1R2.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Vulnerability Type
对异常条件的处理不恰当
Vulnerability Title
Juniper Networks SRX5000 Junos OS 安全漏洞
Vulnerability Description
Juniper Networks SRX5000是美国瞻博网络(Juniper Networks)公司的一款5000系列安全服务网关设备。Junos OS是一套专用于该公司的硬件设备的网络操作系统。 Juniper Networks SRX5000中的Junos OS存在安全漏洞。该漏洞源于SSL代理功能没有正确处理硬件资源限制。远程攻击者可利用该漏洞导致流程中断。以下产品及版本受到影响:Juniper Networks Junos OS 12.3X48版本,15.1X49版本,17.4版本,18.1版本
CVSS Information
N/A
Vulnerability Type
N/A