Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2015-5361: Inadequate Encryption Strength in Juniper Junos

Severity: 6.5 MEDIUM (NVD)
EPSS: 0.1% (top 68.03%)
CISA KEV: Not in KEV
Exploit: PoC available (public exploit / PoC exists)
Affected products
Timeline
Published: Feb 28
Latest update: May 24

Description

Background: For regular, unencrypted FTP traffic, the FTP ALG can inspect the unencrypted control channel and open related sessions for the FTP data channel. These related sessions (gates) are specific to source and destination IPs and ports of client and server. The design intent of the ftps-extensions option (which is disabled by default) is to provide similar functionality when the SRX secures the FTP/FTPS client. As the control channel is encrypted, the FTP ALG cannot inspect the port specifi

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Exploitability: 3.9 | Impact: 2.5

Affected Packages: 1 package

NVD: juniper/junos, 6 versions (+5)

🔴 Vulnerability Details (2)

GHSA
GHSA-x6c6-rqqc-c89m: Background For regular, unencrypted FTP traffic, the FTP ALG can inspect the unencrypted control channel and open related sessions for the FTP data ch (2022-05-24)
CVEList
Junos: FTPS through SRX opens up wide range of data channel TCP ports (2020-02-28)

💥 Exploits & PoCs (1)

Exploit-DB
Qlikview 11.20 SR11 - Blind XML External Entity Injection (2015-09-09)
CVE-2015-5361 — Inadequate Encryption Strength | cvebase