Vulnerability Note VU#640184
Juniper ScreenOS contains multiple vulnerabilities
Juniper Networks ScreenOS versions 6.3.0r17 through 6.3.0r20 allows unauthorized remote administration access to the device. Juniper Networks ScreenOS versions 6.2.0r15 through 6.2.0r18 and 6.3.0r12 through 6.3.0r20 allow for an attacker to monitor and decrypt VPN traffic.
According to Juniper Security Advisory #10713:
During an internal code review, two security issues were identified.
For more information, please see Juniper Security Advisory #10713.
An unauthorized remote attacker could gain privileged access to the device and compromise the confidentiality and integrity of its data.
Apply an update
Vendor Information (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Juniper Networks||Affected||21 Dec 2015||21 Dec 2015|
CVSS Metrics (Learn More)
Thanks to the Juniper SIRT Team.
This document was written by Brian Gardiner.
- CVE IDs: CVE-2015-7755 CVE-2015-7756
- Date Public: 17 Dec 2015
- Date First Published: 21 Dec 2015
- Date Last Updated: 22 Dec 2015
- Document Revision: 32
If you have feedback, comments, or additional information about this vulnerability, please send us email.