Vulnerability Details CVE-2021-31352
An Information Exposure vulnerability in Juniper Networks SRC Series devices configured for NETCONF over SSH permits the negotiation of weak ciphers, which could allow a remote attacker to obtain sensitive information. A remote attacker with read and write access to network data could exploit this vulnerability to display plaintext bits from a block of ciphertext and obtain sensitive information. This issue affects all Juniper Networks SRC Series versions prior to 4.13.0-R6.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 32.7%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 5.0
Products affected by CVE-2021-31352
-
cpe:2.3:a:juniper:session_and_resource_control:4.12.0r1
-
cpe:2.3:a:juniper:session_and_resource_control:4.12.0r2
-
cpe:2.3:a:juniper:session_and_resource_control:4.12.0r3
-
cpe:2.3:a:juniper:session_and_resource_control:4.12.0r4
-
cpe:2.3:a:juniper:session_and_resource_control:4.12.0r5
-
cpe:2.3:a:juniper:session_and_resource_control:4.12.0r6
-
cpe:2.3:a:juniper:session_and_resource_control:4.13.0r1
-
cpe:2.3:a:juniper:session_and_resource_control:4.13.0r3
-
cpe:2.3:a:juniper:session_and_resource_control:4.13.0r5
-
cpe:2.3:a:juniper:session_and_resource_control:4.13.0r6