Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

2013-05 Security Bulletin: Steel Belted Radius: OpenSSL vulnerability CVE-2012-2110

0

0

Article ID: JSA10569 SECURITY_ADVISORIES Last Updated: 05 Mar 2017Version: 3.0
Legacy Advisory Id:
PSN-2013-05-941
Product Affected:
Steel-Belted Radius Enterprise, Steel-Belted Radius Global Enterprise, Steel-Belted Radius Carrier
Problem:
OpenSSL software provided with Steel-Belted Radius (SBR) Enterprise and Steel-Belted Radius (SBR) Carrier is vulnerable to CVE-2012-2110. This may allow code execution type of attacks using crafted certificates.

Solution:
  • SBR Enterprise, SBR Global Enterprise: Fixed in 6.17 or later
  • SBR Carrier: Fixes are available for 7.3.1, 7.4.1, 7.5.0 through regular JTAC support channels.
Workaround:
There are no known workarounds that can mitigate the issue listed in this bulletin for SBR products.
Implementation:

Modification History:
Modification History:

2017-03-05: Category restructure.

CVSS Score:
7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Severity Level:
High
Acknowledgements:

Related Links

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search