An Improper Certificate Validation weakness in the SRX Series Application Identification (app-id) signature update client of Juniper Networks Junos OS allows an attacker to perform Man-in-the-Middle (MitM) attacks which may compromise the integrity and confidentiality of the device. This issue affects: Juniper Networks Junos OS 15.1X49 versions prior to 15.1X49-D120 on SRX Series devices. No other versions of Junos OS are affected.
The product does not validate, or incorrectly validates, a certificate.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Junos | Juniper | 15.1x49 (including) | 15.1x49 (including) |
| Junos | Juniper | 15.1x49-d10 (including) | 15.1x49-d10 (including) |
| Junos | Juniper | 15.1x49-d100 (including) | 15.1x49-d100 (including) |
| Junos | Juniper | 15.1x49-d110 (including) | 15.1x49-d110 (including) |
| Junos | Juniper | 15.1x49-d20 (including) | 15.1x49-d20 (including) |
| Junos | Juniper | 15.1x49-d30 (including) | 15.1x49-d30 (including) |
| Junos | Juniper | 15.1x49-d35 (including) | 15.1x49-d35 (including) |
| Junos | Juniper | 15.1x49-d40 (including) | 15.1x49-d40 (including) |
| Junos | Juniper | 15.1x49-d45 (including) | 15.1x49-d45 (including) |
| Junos | Juniper | 15.1x49-d50 (including) | 15.1x49-d50 (including) |
| Junos | Juniper | 15.1x49-d55 (including) | 15.1x49-d55 (including) |
| Junos | Juniper | 15.1x49-d60 (including) | 15.1x49-d60 (including) |
| Junos | Juniper | 15.1x49-d65 (including) | 15.1x49-d65 (including) |
| Junos | Juniper | 15.1x49-d70 (including) | 15.1x49-d70 (including) |
| Junos | Juniper | 15.1x49-d75 (including) | 15.1x49-d75 (including) |
| Junos | Juniper | 15.1x49-d80 (including) | 15.1x49-d80 (including) |
| Junos | Juniper | 15.1x49-d90 (including) | 15.1x49-d90 (including) |