Juniper Junos QFX Low Entropy Vulnerability (JSA10678)
Medium Nessus Plugin ID 82798
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionAccording to its self-reported version number, the remote Juniper Junos device is affected by a low entropy vulnerability due to an insufficient number of bytes being collected from the RANDOM_INTERRUPT entropy source when the device is first booted, thus resulting in the generation of weak SSH keys or SSL/TLS certificates.
SolutionApply the relevant Junos software release referenced in Juniper advisory JSA10678.