Lucene search
Copyright (C) 2015 Greenbone AGOPENVAS:1361412562310105950HistoryJan 23, 2015 - 12:00 a.m.
Juniper Networks Junos OS SSLv3 POODLE Vulnerability
2015-01-2300:00:00
Copyright (C) 2015 Greenbone AG
plugins.openvas.org
75
3.4 Low
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
5 Medium
AI Score
Confidence
Low
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.975 High
EPSS
Percentile
100.0%
Junos OS is prone to a OpenSSL information disclosure
vulnerability, also known as the
# SPDX-FileCopyrightText: 2015 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
CPE = "cpe:/o:juniper:junos";
if (description)
{
script_oid("1.3.6.1.4.1.25623.1.0.105950");
script_cve_id("CVE-2014-3566");
script_tag(name:"cvss_base", value:"4.3");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:N/A:N");
script_version("2023-07-25T05:05:58+0000");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
script_name("Juniper Networks Junos OS SSLv3 POODLE Vulnerability");
script_xref(name:"URL", value:"http://kb.juniper.net/JSA10656");
script_tag(name:"summary", value:"Junos OS is prone to a OpenSSL information disclosure
vulnerability, also known as the 'POODLE' vulnerability.");
script_tag(name:"impact", value:"The vulnerability makes it easier for a man in the middle
attacker to obtain cleartext data.");
script_tag(name:"insight", value:"The SSL protocol 3.0 (SSLv3) uses nondeterministic CBC
padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a
padding-oracle attack.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable OS build is present on the target host.");
script_tag(name:"solution", value:"New builds of Junos OS software are available from Juniper.");
script_tag(name:"affected", value:"Junos OS 11.4, 12.1, 12.3, 13.2, 13.3, 14.1 and 14.2");
script_tag(name:"last_modification", value:"2023-07-25 05:05:58 +0000 (Tue, 25 Jul 2023)");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2021-06-16 12:15:00 +0000 (Wed, 16 Jun 2021)");
script_tag(name:"creation_date", value:"2015-01-23 10:26:21 +0700 (Fri, 23 Jan 2015)");
script_category(ACT_GATHER_INFO);
script_family("JunOS Local Security Checks");
script_copyright("Copyright (C) 2015 Greenbone AG");
script_dependencies("gb_juniper_junos_consolidation.nasl");
script_mandatory_keys("juniper/junos/detected");
exit(0);
}
include("host_details.inc");
include("revisions-lib.inc");
if (!version = get_app_version(cpe: CPE, nofork: TRUE))
exit(0);
if (revcomp(a:version, b:"11.4R13") < 0) {
security_message(port:0, data:version);
exit(0);
}
if (version =~ "^12") {
if (revcomp(a:version, b:"12.1X44-D45") < 0) {
security_message(port:0, data:version);
exit(0);
}
else if ((revcomp(a:version, b:"12.1X46-D26") < 0) &&
(revcomp(a:version, b:"12.1X46") >= 0)) {
security_message(port:0, data:version);
exit(0);
}
else if ((revcomp(a:version, b:"12.1X47-D20") < 0) &&
(revcomp(a:version, b:"12.1X47") >= 0)) {
security_message(port:0, data:version);
exit(0);
}
else if ((revcomp(a:version, b:"12.3R9") < 0) &&
(revcomp(a:version, b:"12.3") >= 0)) {
security_message(port:0, data:version);
exit(0);
}
else if ((revcomp(a:version, b:"12.3X48-D10") < 0) &&
(revcomp(a:version, b:"12.3X") >= 0)) {
security_message(port:0, data:version);
exit(0);
}
}
if (version =~ "^13") {
if (revcomp(a:version, b:"13.2R7") < 0) {
security_message(port:0, data:version);
exit(0);
}
else if ((revcomp(a:version, b:"13.3R5") < 0) &&
(revcomp(a:version, b:"13.3") >= 0)) {
security_message(port:0, data:version);
exit(0);
}
}
if (version =~ "^14") {
if (revcomp(a:version, b:"14.1R4") < 0) {
security_message(port:0, data:version);
exit(0);
}
else if ((revcomp(a:version, b:"14.1X53-D20") < 0) &&
(revcomp(a:version, b:"14.1X") >= 0)) {
security_message(port:0, data:version);
exit(0);
}
else if ((revcomp(a:version, b:"14.2R2") < 0) &&
(revcomp(a:version, b:"14.2") >= 0)) {
security_message(port:0, data:version);
exit(0);
}
}
exit(99);
References
Related
ibm
ibm
fedora
fedora
[SECURITY] Fedora 19 Update: libetpan-1.6-1.fc19
2015-01-05 07:36:19
[SECURITY] Fedora 22 Update: fossil-1.33-1.fc22
2015-10-15 03:51:23
[SECURITY] Fedora 21 Update: subscription-manager-1.13.6-1.fc21
2014-11-10 06:34:40
nessus
nessus
Fedora 19 : python-rhsm-1.13.6-1.fc19 (2014-13794)
2014-11-07 00:00:00
Fedora 21 : claws-mail-3.11.1-2.fc21 / claws-mail-plugins-3.11.1-1.fc21 / libetpan-1.6-1.fc21 (2014-14217) (POODLE)
2014-11-11 00:00:00
AIX 7.1 TL 2 : nettcp (IV73974) (POODLE)
2015-06-19 00:00:00
suse
suse
Security update for suseRegister (important)
2015-01-05 21:04:43
redhat
redhat
(RHSA-2014:1653) Moderate: openssl security update
2014-10-16 00:00:00
(RHSA-2015:1546) Important: node.js security update
2015-08-04 00:00:00
(RHSA-2015:1545) Important: node.js security update
2015-08-04 00:00:00
centos
centos
openssl security update
2014-10-16 15:21:39
cisco
cisco
SSL Padding Oracle On Downgraded Legacy Encryption (POODLE) Vulnerability
2014-10-15 18:30:00
openvas
openvas
Fedora Update for asterisk FEDORA-2014-15621
2015-01-05 00:00:00
Fedora Update for nodejs FEDORA-2014-15411
2015-01-05 00:00:00
Debian: Security Advisory (DSA-3489-1)
2016-03-08 00:00:00
seebug
seebug
SSL 3.0 POODLE(CVE-2014-3566)
2017-02-17 00:00:00
osv
osv
lighttpd - security update
2015-07-25 00:00:00
lighttpd - security update
2016-02-23 00:00:00
hackerone
hackerone
New Relic: SSL Padding Oracle On Downgraded Legacy Encryption (POODLE) Vulnerability
2017-03-26 19:08:23
MariaDB: smtp service vulnerable to POODLE SSLv3
2019-03-24 06:26:55
citrix
citrix
CVE-2014-3566 - Citrix Security Advisory for SSLv3 Protocol Flaw
2014-10-14 04:00:00
f5
f5
K15702 : SSLv3 vulnerability CVE-2014-3566
2015-09-18 00:00:00
veracode
veracode
Information Disclosure
2017-02-07 00:05:45
POODLE Attack
2017-04-27 06:54:17
Information Disclosure
2019-01-15 08:54:41
cert
cert
POODLE vulnerability in SSL 3.0
2014-10-17 00:00:00
amazon
amazon
Important: openssl
2014-10-14 22:32:00
checkpoint_security
checkpoint_security
Check Point response to the POODLE Bites vulnerability (CVE-2014-3566)
2014-10-13 21:00:00
fortinet
fortinet
SSL v3 "POODLE" Vulnerability
2014-10-15 00:00:00
securityvulns
securityvulns
TA14-290A: SSL 3.0 Protocol Vulnerability and POODLE Attack
2014-10-18 00:00:00
APPLE-SA-2014-10-16-4 OS X Server v3.2.2
2014-10-18 00:00:00
prion
prion
Code injection
2014-10-15 00:55:00
huawei
huawei
Security Advisory-SSLv3 POODLE Vulnerability in Huawei Products
2014-12-15 00:00:00
aix
aix
Vulnerability in SSLv3 affects AIX,Vulnerability in SSLv3 affects VIOS
2015-06-17 09:52:06
debian
debian
[SECURITY] [DSA 3489-1] lighttpd security update
2016-02-23 18:26:27
freebsd
freebsd
asterisk -- Asterisk Susceptibility to POODLE Vulnerability
2014-10-20 00:00:00
checkpoint_advisories
checkpoint_advisories
Secure Socket Layer (SSL) Version 3.0 (CVE-2014-3566)
2014-10-15 00:00:00
3.4 Low
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
5 Medium
AI Score
Confidence
Low
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.975 High
EPSS
Percentile
100.0%
Related for OPENVAS:1361412562310105950