Juniper Junos SRX Series Dynamic IPsec VPN DoS (JSA10620)

This script is Copyright (C) 2014-2017 Tenable Network Security, Inc.


Synopsis :

The remote device is missing a vendor-supplied security patch.

Description :

According to its self-reported version number, the remote Juniper
Junos device is affected by a denial of service vulnerability related
to the Dynamic IPsec VPN service. A remote, unauthenticated attacker
can exploit this vulnerability to cause new Dynamic VPN connections to
fail for other users or cause high CPU consumption.

Note that this issue only affects SRX series devices with Dynamic
IPsec VPN enabled.

See also :

https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10620

Solution :

Apply the relevant Junos software release or workaround referenced in
Juniper advisory JSA10620.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 4.3
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: Junos Local Security Checks

Nessus Plugin ID: 73494 ()

Bugtraq ID: 66759

CVE ID: CVE-2014-0612

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now