2014-05 Security Bulletin: NSM: Remote code execution vulnerability (CVE-2014-3411)

  [JSA10625] Show Article Properties

Product Affected:
NSM3000, NSMExpress platforms and NSM software releases
A vulnerability in the NSM XDB service on devices with NSM versions prior to 2012.2R8 may allow a remote unauthenticated attacker to run arbitrary code with root privileges on the device. Compromise of the NSM device may allow an attacker to gain control of other devices managed by NSM.

This issue was discovered by an external security researcher.

Juniper SIRT is not aware of any malicious exploitation of this vulnerability.

No other Juniper Networks products or platforms are affected by this issue.

This issue has been assigned CVE-2014-3411.
The following software releases have been updated to resolve this specific issue:
  • NSM 2012.2R8 and all subsequent releases (i.e. all releases built after 2012.2R8).

This issue is being tracked as PR 965082 and is visible on the Customer Support website.

KB16765 - "In which releases are vulnerabilities fixed?" describes which release vulnerabilities are fixed as per our End of Engineering and End of Life support policies.
Use access lists or firewall filters to limit access to the NSM device only from trusted hosts. Please refer to KB25681.
NSM Software releases are available from http://www.juniper.net/support/downloads/?p=nsm#sw.
Related Links:
CVSS Score:
10 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Severity Level:
Severity Assessment:
We consider this to be a critical issue. A remote network based attacker can get complete access to NSM or other devices managed by NSM.
Juniper SIRT would like to acknowledge an anonymous researcher working with HP TippingPoint Zero Day Initiative (ZDI) for responsibly reporting this vulnerability.