Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

2014-05 Security Bulletin: NSM: Remote code execution vulnerability (CVE-2014-3411)

0

0

Article ID: JSA10625 SECURITY_ADVISORIES Last Updated: 14 May 2014Version: 1.0
Product Affected:
NSM3000, NSMExpress platforms and NSM software releases
Problem:
A vulnerability in the NSM XDB service on devices with NSM versions prior to 2012.2R8 may allow a remote unauthenticated attacker to run arbitrary code with root privileges on the device. Compromise of the NSM device may allow an attacker to gain control of other devices managed by NSM.

This issue was discovered by an external security researcher.

Juniper SIRT is not aware of any malicious exploitation of this vulnerability.

No other Juniper Networks products or platforms are affected by this issue.

This issue has been assigned CVE-2014-3411.
Solution:
The following software releases have been updated to resolve this specific issue:
  • NSM 2012.2R8 and all subsequent releases (i.e. all releases built after 2012.2R8).

This issue is being tracked as PR 965082 and is visible on the Customer Support website.

KB16765 - "In which releases are vulnerabilities fixed?" describes which release vulnerabilities are fixed as per our End of Engineering and End of Life support policies.
Workaround:
Use access lists or firewall filters to limit access to the NSM device only from trusted hosts. Please refer to KB25681.
Implementation:
NSM Software releases are available from http://www.juniper.net/support/downloads/?p=nsm#sw.
CVSS Score:
10 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Severity Level:
Critical
Severity Assessment:
We consider this to be a critical issue. A remote network based attacker can get complete access to NSM or other devices managed by NSM.
Acknowledgements:
Juniper SIRT would like to acknowledge an anonymous researcher working with HP TippingPoint Zero Day Initiative (ZDI) for responsibly reporting this vulnerability.

Related Links

Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search