漏洞类别:Hardware
漏洞等级: 
漏洞信息
Juniper JUNOS is the network operating system used in Juniper Networks hardware systems.
MACsec feature on Juniper Networks Junos OS 15.1X49 prior to 15.1X49-D100 on SRX300 series does not report errors when a secure link can not be established. It falls back to an unencrypted link. This can happen when MACsec is configured on ports that are not capable of MACsec or when a secure link can not be established. This can mislead customers into believing that a link is secure.
Affected Version
Junos OS 15.1X49 prior to 15.1X49-D100 on SRX300 series.
漏洞危害
On failure of establishment of secure link It falls back to an un-encrypted link causing mislead to users into believing that a link is secure.
解决方案
The following software releases have been updated to resolve this specific issue:15.1X49-D100 and all subsequent releases.
Workaround:
There are no viable workarounds for this issue.
It is good security practice to limit the exploitable attack surface of critical infrastructure networking equipment. Use access lists or firewall filters to limit access to the device from trusted, administrative networks or hosts.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0daybank
文章评论