Details of VAR-201512-0518

ID

VAR-201512-0518

CVE

CVE-2015-7755

TITLE

Juniper ScreenOS contains multiple vulnerabilities

Trust: 0.8

sources: CERT/CC: VU#640184

DESCRIPTION

Juniper ScreenOS 6.2.0r15 through 6.2.0r18, 6.3.0r12 before 6.3.0r12b, 6.3.0r13 before 6.3.0r13b, 6.3.0r14 before 6.3.0r14b, 6.3.0r15 before 6.3.0r15b, 6.3.0r16 before 6.3.0r16b, 6.3.0r17 before 6.3.0r17b, 6.3.0r18 before 6.3.0r18b, 6.3.0r19 before 6.3.0r19b, and 6.3.0r20 before 6.3.0r21 allows remote attackers to obtain administrative access by entering an unspecified password during a (1) SSH or (2) TELNET session. Juniper Networks ScreenOS versions 6.2.0r15 through 6.2.0r18 and 6.3.0r12 through 6.3.0r20 allow for an attacker to monitor and decrypt VPN traffic. ScreenOS is an operating system developed by Juniper Networks in the United States, and it mainly runs on the NetScreen series of firewall products. Successful exploits may allow an attacker to obtain sensitive information or gain unauthorized administrative access. This may aid in further attacks

Trust: 3.42

sources: NVD: CVE-2015-7755 // CERT/CC: VU#640184 // JVNDB: JVNDB-2015-006494 // CNVD: CNVD-2015-08307 // BID: 79626 // VULHUB: VHN-85716 // VULHUB: VHN-85717 // VULMON: CVE-2015-7755

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2015-08307

AFFECTED PRODUCTS

vendor:	juniper	model:	screenos	scope:	eq	version:	6.3.0	Trust: 1.6
vendor:	juniper	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	juniper	model:	screenos	scope:	eq	version:	6.3.0r17 to 6.3.0r20	Trust: 0.8
vendor:	juniper	model:	networks screenos 6.2.0r15-6.2.0r18	scope:	-	version:	-	Trust: 0.6
vendor:	juniper	model:	networks screenos 6.3.0r12-6.3.0r20	scope:	-	version:	-	Trust: 0.6

sources: CERT/CC: VU#640184 // CNVD: CNVD-2015-08307 // JVNDB: JVNDB-2015-006494 // CNNVD: CNNVD-201512-540 // NVD: CVE-2015-7755

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2015-7755
value:	HIGH
Trust: 1.0
NVD:	CVE-2015-7755
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2015-08307
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201512-540
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-85716
value:	HIGH
Trust: 0.1
VULHUB:	VHN-85717
value:	MEDIUM
Trust: 0.1
VULMON:	CVE-2015-7755
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2015-7755
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2015-08307
severity:	HIGH
baseScore:	8.3
vectorString:	AV:A/AC:L/AU:N/C:C/I:C/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	6.5
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-85716
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1
VULHUB:	VHN-85717
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CNVD: CNVD-2015-08307 // VULHUB: VHN-85716 // VULHUB: VHN-85717 // VULMON: CVE-2015-7755 // JVNDB: JVNDB-2015-006494 // CNNVD: CNNVD-201512-540 // NVD: CVE-2015-7755

PROBLEMTYPE DATA

problemtype:	CWE-287	Trust: 1.9
problemtype:	CWE-310	Trust: 0.1

sources: VULHUB: VHN-85716 // VULHUB: VHN-85717 // JVNDB: JVNDB-2015-006494 // NVD: CVE-2015-7755

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201512-540

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-201512-540

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-006494

PATCH

title:	IMPORTANT JUNIPER SECURITY ANNOUNCEMENT	url:	https://forums.juniper.net/t5/Security-Incident-Response/Important-Announcement-about-ScreenOS/ba-p/285554	Trust: 0.8
title:	JSA10713	url:	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10713&actp=search	Trust: 0.8
title:	Patch for Juniper Networks ScreenOS has a backdoor vulnerability (CNVD-2015-08307)	url:	https://www.cnvd.org.cn/patchInfo/show/68607	Trust: 0.6
title:	Juniper Networks ScreenOS Remediation measures for authorization problem vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=59309	Trust: 0.6
title:	-	url:	https://www.theregister.co.uk/2016/01/26/juniper_us_government/	Trust: 0.2
title:	backdoor-museum	url:	https://github.com/cranelab/backdoor-museum	Trust: 0.1
title:	CVE-2015-7755-POC	url:	https://github.com/cinno/CVE-2015-7755-POC	Trust: 0.1
title:	netscreen-shodan-scanner	url:	https://github.com/juliocesarfort/netscreen-shodan-scanner	Trust: 0.1
title:	juniper-cve-2015-7755	url:	https://github.com/hdm/juniper-cve-2015-7755	Trust: 0.1
title:	-	url:	https://www.bleepingcomputer.com/news/security/backdoor-found-in-80-sony-surveillance-camera-models/	Trust: 0.1
title:	-	url:	https://securelist.com/threat-intelligence-report-for-the-telecommunications-industry/75846/	Trust: 0.1
title:	-	url:	https://www.theregister.co.uk/2015/12/20/juniper_details_two_attacks_from_unauthorised_code/	Trust: 0.1

sources: CNVD: CNVD-2015-08307 // VULMON: CVE-2015-7755 // JVNDB: JVNDB-2015-006494 // CNNVD: CNNVD-201512-540

EXTERNAL IDS

db:	NVD	id:	CVE-2015-7755	Trust: 4.4
db:	JUNIPER	id:	JSA10713	Trust: 3.2
db:	CERT/CC	id:	VU#640184	Trust: 2.8
db:	BID	id:	79626	Trust: 1.4
db:	SECTRACK	id:	1034489	Trust: 1.2
db:	JVN	id:	JVNVU94797797	Trust: 0.8
db:	JVNDB	id:	JVNDB-2015-006494	Trust: 0.8
db:	CNNVD	id:	CNNVD-201512-540	Trust: 0.7
db:	CNVD	id:	CNVD-2015-08307	Trust: 0.6
db:	SEEBUG	id:	SSVID-90141	Trust: 0.1
db:	VULHUB	id:	VHN-85716	Trust: 0.1
db:	CNNVD	id:	CNNVD-201512-541	Trust: 0.1
db:	SEEBUG	id:	SSVID-90140	Trust: 0.1
db:	VULHUB	id:	VHN-85717	Trust: 0.1
db:	VULMON	id:	CVE-2015-7755	Trust: 0.1

sources: CERT/CC: VU#640184 // CNVD: CNVD-2015-08307 // VULHUB: VHN-85716 // VULHUB: VHN-85717 // VULMON: CVE-2015-7755 // BID: 79626 // JVNDB: JVNDB-2015-006494 // CNNVD: CNNVD-201512-540 // NVD: CVE-2015-7755

REFERENCES

url:	http://www.kb.cert.org/vuls/id/640184	Trust: 2.0
url:	https://forums.juniper.net/t5/security-incident-response/important-announcement-about-screenos/ba-p/285554	Trust: 1.8
url:	http://arstechnica.com/security/2015/12/unauthorized-code-in-juniper-firewalls-decrypts-encrypted-vpn-traffic/	Trust: 1.8
url:	http://www.forbes.com/sites/thomasbrewster/2015/12/18/juniper-says-it-didnt-work-with-government-to-add-unauthorized-code-to-network-gear/	Trust: 1.8
url:	http://www.wired.com/2015/12/juniper-networks-hidden-backdoors-show-the-risk-of-government-backdoors/	Trust: 1.8
url:	https://adamcaudill.com/2015/12/17/much-ado-about-juniper/	Trust: 1.8
url:	https://github.com/hdm/juniper-cve-2015-7755	Trust: 1.8
url:	http://twitter.com/cryptoron/statuses/677900647560253442	Trust: 1.7
url:	https://kb.juniper.net/infocenter/index?page=content&id=jsa10713&cat=sirt_1&actp=list	Trust: 1.6
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7755	Trust: 1.6
url:	http://kb.juniper.net/infocenter/index?page=content&id=jsa10713	Trust: 1.6
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-7755	Trust: 1.4
url:	http://www.securitytracker.com/id/1034489	Trust: 1.2
url:	http://www.securityfocus.com/bid/79626	Trust: 1.1
url:	http://kb.juniper.net/infocenter/index?page=content&id=kb16765&actp=search	Trust: 0.8
url:	http://kb.juniper.net/infocenter/index?page=content&id=kb16446&actp=search	Trust: 0.8
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7756	Trust: 0.8
url:	http://blog.cryptographyengineering.com/2015/12/on-juniper-backdoor.html	Trust: 0.8
url:	https://rpw.sh/blog/2015/12/21/the-backdoored-backdoor/	Trust: 0.8
url:	http://jvn.jp/vu/jvnvu94797797/index.html	Trust: 0.8
url:	http://kb.juniper.net/infocenter/index?page=content&id=jsa10713&actp=search	Trust: 0.6
url:	http://kb.juniper.net/infocenter/index?page=content&id=jsa10713	Trust: 0.2

sources: CERT/CC: VU#640184 // CNVD: CNVD-2015-08307 // VULHUB: VHN-85716 // VULHUB: VHN-85717 // JVNDB: JVNDB-2015-006494 // CNNVD: CNNVD-201512-540 // NVD: CVE-2015-7755

CREDITS

The vendor reported these issues.

Trust: 0.3

sources: BID: 79626

SOURCES

db:	CERT/CC	id:	VU#640184
db:	CNVD	id:	CNVD-2015-08307
db:	VULHUB	id:	VHN-85716
db:	VULHUB	id:	VHN-85717
db:	VULMON	id:	CVE-2015-7755
db:	BID	id:	79626
db:	JVNDB	id:	JVNDB-2015-006494
db:	CNNVD	id:	CNNVD-201512-540
db:	NVD	id:	CVE-2015-7755

LAST UPDATE DATE

2024-11-23T22:13:21.502000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#640184	date:	2015-12-22T00:00:00
db:	CNVD	id:	CNVD-2015-08307	date:	2020-03-10T00:00:00
db:	VULHUB	id:	VHN-85716	date:	2016-12-07T00:00:00
db:	VULHUB	id:	VHN-85717	date:	2016-12-07T00:00:00
db:	VULMON	id:	CVE-2015-7755	date:	2016-12-07T00:00:00
db:	BID	id:	79626	date:	2016-01-04T02:28:00
db:	JVNDB	id:	JVNDB-2015-006494	date:	2015-12-22T00:00:00
db:	CNNVD	id:	CNNVD-201512-540	date:	2015-12-22T00:00:00
db:	NVD	id:	CVE-2015-7755	date:	2024-11-21T02:37:20.520

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#640184	date:	2015-12-21T00:00:00
db:	CNVD	id:	CNVD-2015-08307	date:	2015-12-21T00:00:00
db:	VULHUB	id:	VHN-85716	date:	2015-12-19T00:00:00
db:	VULHUB	id:	VHN-85717	date:	2015-12-19T00:00:00
db:	VULMON	id:	CVE-2015-7755	date:	2015-12-19T00:00:00
db:	BID	id:	79626	date:	2015-12-17T00:00:00
db:	JVNDB	id:	JVNDB-2015-006494	date:	2015-12-22T00:00:00
db:	CNNVD	id:	CNNVD-201512-540	date:	2015-12-21T00:00:00
db:	NVD	id:	CVE-2015-7755	date:	2015-12-19T14:59:01.453