virus logo Intrusion Prevention

Juniper.ScreenOS.Authentication.Backdoor

description-logoDescription

This indicates an attack attempt against a Security Bypass vulnerability in Juniper ScreenOS.
The vulnerability is caused by a design issue when the vulnerable software handles a SSH or TELNET request. It allows a remote attacker to bypass authentication via a crafted SSH or TELNET request.

affected-products-logoAffected Products

Juniper ScreenOS 6.2.0r15 through 6.2.0r18
Juniper ScreenOS 6.3.0r12 before 6.3.0r12b
Juniper ScreenOS 6.3.0r13 before 6.3.0r13b
Juniper ScreenOS 6.3.0r14 before 6.3.0r14b
Juniper ScreenOS 6.3.0r15 before 6.3.0r15b
Juniper ScreenOS 6.3.0r16 before 6.3.0r16b
Juniper ScreenOS 6.3.0r17 before 6.3.0r17b
Juniper ScreenOS 6.3.0r18 before 6.3.0r18b
Juniper ScreenOS 6.3.0r19 before 6.3.0r19b
Juniper ScreenOS 6.3.0r20 before 6.3.0r21

Impact logoImpact

Security Bypass: Remote attackers can bypass security checks of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://forums.juniper.net/t5/Security-Incident-Response/Important-Announcement-about-ScreenOS/ba-p/285554

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

References

https://community.rapid7.com/community/infosec/blog/2015/12/20/cve-2015-7755-juniper-screenos-authentication-backdoor
ID 41951
Created Feb 24, 2016
Updated Apr 14, 2016
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
CVE ID CVE-2015-7755
Exploit Prediction Score 97.05%
Default Action drop
Active
Affected OS Other
Affected App Other