PT-2014-5519 · Juniper Networks · Junos Pulse Secure Access Service+1
Publicado
2014-06-13
·
Atualizado
2014-06-16
·
CVE-2014-3812
CVSS v2.0
5.0
Média
| Vetor | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Juniper Junos Pulse Secure Access Service (SSL VPN) versions prior to 7.4r5
Juniper Junos Pulse Secure Access Service (SSL VPN) versions 8.x prior to 8.0r1
Juniper Junos Pulse Access Control Service (UAC) versions prior to 4.4r5
Juniper Junos Pulse Access Control Service (UAC) versions 5.x prior to 5.0r1
Description
The issue allows remote attackers to obtain sensitive information by sniffing the network, due to the use of weak encryption algorithms in enabled cipher suites.
Recommendations
For Juniper Junos Pulse Secure Access Service (SSL VPN) versions prior to 7.4r5, update to version 7.4r5 or later.
For Juniper Junos Pulse Secure Access Service (SSL VPN) versions 8.x prior to 8.0r1, update to version 8.0r1 or later.
For Juniper Junos Pulse Access Control Service (UAC) versions prior to 4.4r5, update to version 4.4r5 or later.
For Juniper Junos Pulse Access Control Service (UAC) versions 5.x prior to 5.0r1, update to version 5.0r1 or later.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Junos Pulse Access Control Service
Junos Pulse Secure Access Service