An attacker could exploit this vulnerability by sending a series of unauthenticated requests to the reverse proxy. This vulnerability is due to improper IP address filtering by the reverse proxy. This issue affects Juniper Networks Junos OS on SRX Series: All versions prior to 19.3R3-S7 19.4 versions prior to 19.4R2-S8, 19.4R3-S10 20.2 versions prior to 20.2R3-S6 20.3 versions prior to 20.3R3-S5 20.4 versions prior to 20.4R3-S5 21.1 versions prior to 21.1R3-S4 21.2 versions prior to 21.2R3 21.3 versions prior to 21.3R3 21.4 versions prior to 21.4R2.Ī vulnerability in the nginx configurations that are provided as part of the VPN-less reverse proxy for Cisco Finesse could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition for new and existing users who are connected through a load balancer. Eventually the flowd process will crash and restart. In an IPsec VPN environment, a memory leak will be seen if a DH or ECDH group is configured. A Missing Release of Memory after Effective Lifetime vulnerability in the Flow Processing Daemon (flowd) of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS).
0 kommentar(er)
