Juniper Junos host-inbound-traffic Implicit Allow (PSN-2012-07-653)

medium Nessus Plugin ID 59997

Synopsis

The remote device does not properly enforce access control rules.

Description

According to its self-reported version number, the remote Junos device allows inbound SSH traffic even when 'host-inbound-traffic' is not explicitly configured to allow it.

Solution

Apply the relevant Junos upgrade referenced in Juniper advisory PSN-2012-07-653.

See Also

http://www.nessus.org/u?bf717656

Plugin Details

Severity: Medium

ID: 59997

File Name: juniper_psn-2012-07-653.nasl

Version: 1.9

Type: combined

Published: 7/17/2012

Updated: 8/8/2018

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 4

Temporal Score: 3

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N

Vulnerability Information

CPE: cpe:/o:juniper:junos

Required KB Items: Host/Juniper/model, Host/Juniper/JUNOS/Version

Patch Publication Date: 7/10/2012

Vulnerability Publication Date: 7/10/2012