Juniper Junos Certificate Validation Bypass (JSA10755)
Medium Nessus Plugin ID 92513
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionAccording to its self-reported version number, the remote Juniper Junos device is affected by a security bypass vulnerability due to improper validation of self-signed certificates used for IKE and IPsec. An unauthenticated, remote attacker can exploit this, via a specially crafted self-signed certificate, to bypass certificate validation and intercept network traffic.
SolutionUpgrade to the relevant Junos software release referenced in Juniper advisory JSA10755. Alternatively, configure all PKI-VPN tunnels to accept only Distinguished Name (DN) as the remote peer's IKE ID.