CVE-2021-31352
published 2021-10-19CVE-2021-31352: An Information Exposure vulnerability in Juniper Networks SRC Series devices configured for NETCONF over SSH permits the negotiation of weak ciphers, which…
medium5.3CVSS 3.1
AVNACLPRNUINSUCLINAN
An Information Exposure vulnerability in Juniper Networks SRC Series devices configured for NETCONF over SSH permits the negotiation of weak ciphers, which could allow a remote attacker to obtain sensitive information. A remote attacker with read and write access to network data could exploit this vulnerability to display plaintext bits from a block of ciphertext and obtain sensitive information. This issue affects all Juniper Networks SRC Series versions prior to 4.13.0-R6.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| juniper | session_and_resource_control | < 4.130r6 | 4.130r6 |
| juniper_networks | src_series | >= unspecified < 4.13.0-R6 | 4.13.0-R6 |