Support Support Downloads Knowledge Base Juniper Support Portal Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

Potential security vulnerability in OpenSSL in SSC and SDX products



Article ID: JSA10312 SECURITY_ADVISORIES Last Updated: 09 May 2013Version: 2.0
Legacy Advisory Id:
Product Affected:
All SDX and SSC released software built prior to March 6, 2003
The version of OpenSSL software shipped with SSC and SDX releases built prior to March 6, 2003, do not perform a MAC checksum calculation on packets which contain incorrect block cipher padding. The timing difference between reporting incorrect padding vs. MAC checksum verification errors can provide valuable information to active attacks against certain encryption algorithms.

More details can be found at
All SDX and SSC software built on or after March 6, 2003, will perform the MAC checksum calculation on all packets, including packets with incorrect block cipher padding. This minimizes the amount of information leaked, since error reporting will take the same amount of time for both error types.
Customers should install one of the following releases of SSC or SDX:
  • SDX 3.1.1p1
  • SSC 3.0.1p1
  • SSC 2.0.5p1

ýAdditional Assistance For further information, please contact the Juniper Networks Technical Assistance Center (JTAC).

E-mail :
Phone : 978-589-9000 or 888-314-JTAC (U.S. and Canada)
Severity Level:
Severity Assessment:
No known exploit of this vulnerability exists.

Related Links

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search