The remote device is missing a vendor-supplied security patch.
According to its self-reported version, the version of IVE / UAC OS running on the remote host is affected by multiple vulnerabilities : - An error exists in the function 'ssl3_read_bytes' that could allow data to be injected into other sessions or allow denial of service attacks. Note this issue is only exploitable if 'SSL_MODE_RELEASE_BUFFERS' is enabled. (CVE-2010-5298) - An error exists in the function 'do_ssl3_write' that could allow a NULL pointer to be dereferenced leading to denial of service attacks. Note this issue is exploitable only if 'SSL_MODE_RELEASE_BUFFERS' is enabled. (CVE-2014-0198) - An unspecified error exists that could allow an attacker to cause usage of weak keying material leading to simplified man-in-the-middle attacks. (CVE-2014-0224) - An unspecified error exists related to anonymous ECDH ciphersuites that could allow denial of service attacks. Note this issue only affects OpenSSL TLS clients. (CVE-2014-3470)
Upgrade to Juniper Junos IVE OS version 7.1r19.1 / 7.4r11.1 / 8.0r4.1 or later or UAC OS version 4.4r11.1 / 5.0r4.1 or later.