CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
79.8%
The default installation of NetScreen-Security Manager before Feature Pack 1 does not enable encryption for communication with devices running ScreenOS 5.0, which allows remote attackers to obtain sensitive information via sniffing.
Vendor | Product | Version | CPE |
---|---|---|---|
juniper | netscreen-security_manager_2004 | * | cpe:2.3:a:juniper:netscreen-security_manager_2004:*:*:*:*:*:*:*:* |
secunia.com/advisories/10675
www.juniper.net/support/security/alerts/58290.txt
www.kb.cert.org/vuls/id/927630
www.kb.cert.org/vuls/id/CRDY-5VEU8N
www.netscreen.com/services/security/alerts/1_19_04_58290.jsp
www.osvdb.org/3613
www.securityfocus.com/bid/9455
exchange.xforce.ibmcloud.com/vulnerabilities/14886