Vigil@nce - Junos OS SRX: Man-in-the-Middle via App-id Signature Updates

December 2019 by Vigil@nce

SYNTHESIS OF THE VULNERABILITY

Impacted products: Junos OS, SRX-Series.

Severity: 2/4.

Consequences: data reading, data creation/edition.

Provenance: intranet server.

Confidence: confirmed by the editor (5/5).

Creation date: 10/10/2019.

DESCRIPTION OF THE VULNERABILITY

An attacker can act as a Man-in-the-Middle via App-id Signature Updates on Junos OS SRX, in order to read or write data in the session.

