Operating System:

[Juniper]

Published:

29 January 2024

Protect yourself against future threats.

//Service

Early Warning SMS

Receive SMS notifications for the most critical security threats and vulnerabilities.

Read more
Resources > Security Bulletins > ESB-2024.0574 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2024.0574
        2024-01 Reference Advisory: Junos OS and Junos OS Evolved:
              Impact of Terrapin SSH Attack (CVE-2023-48795)
                              29 January 2024

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Junos OS and Junos OS Evolved
Publisher:         Juniper Networks
Operating System:  Juniper
Resolution:        Patch/Upgrade
CVE Names:         CVE-2023-48795  

Original Bulletin: 
   https://supportportal.juniper.net/s/article/2024-01-Reference-Advisory-Junos-OS-and-Junos-OS-Evolved-Impact-of-Terrapin-SSH-Attack-CVE-2023-48795

Comment: CVSS (Max):  3.7 CVE-2023-48795 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)
         CVSS Source: Juniper Networks
         Calculator:  https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

- --------------------------BEGIN INCLUDED TEXT--------------------

Article ID:       JSA76462

Product Affected: This issue affects all versions of Junos OS and Junos OS
Evolved with the ChaCha20-poly1305 SSH cipher enabled.

Severity Level:   Low

CVSS Score:       3.7 (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)

Problem:

An Improper Validation of Integrity Check Value vulnerability in OpenSSH before
9.6 of Juniper Networks Junos OS and Junos OS Evolved allows a remote attacker
to bypass integrity checks such that some packets are omitted (from the
extension negotiation message), and a client and server may consequently end up
with a connection for which some security features have been downgraded or
disabled, aka the Terrapin Attack.

The most serious identified impact is that it lets an on-path attacker delete
the SSH2_MSG_EXT_INFO message sent before authentication starts, allowing the
attacker to disable a subset of the keystroke timing obfuscation features
introduced in OpenSSH 9.5. There is no other discernable impact to session
secrecy or session integrity.

Since we do not use OpenSSH 9.5 in Junos OS or Junos OS Evolved, the impact of
this issue is limited to a stuck connection in the initial handshake stage.
Therefore, it is not as severe as the issue seen in OpenSSH 9.5

Note: This issue is only affected when an on-path attacker at the network layer
intercepts and modifies the handshake exchange, and the connection is secured
by either ChaCha20-Poly1305 or CBC with Encrypt-then-MAC.

Juniper SIRT is not aware of any malicious exploitation of this vulnerability.

This issue was discovered during external security research.

This issue has been assigned CVE-2023-48795 .

Solution:

This issue can be completely remediated by excluding the chacha20-poly1305
cipher from SSH and configuring the following ciphers for SSH:

user@junos# set system services ssh ciphers [aes128-gcm@openssh.com
    aes256-gcm@openssh.com]

The chacha20-poly1305 cipher has been hidden and deprecated in the following
releases:

Junos OS: 19.4R3-S13, 20.4R3-S10, 21.4R3-S6, 22.1R3-S5, 22.2R3-S3, 22.4R3-S1,
23.2R2, 23.4R2, 24.1R1, and all subsequent releases.
Junos OS Evolved: 19.4R3-S13, 20.4R3-S10, 21.4R3-S6, 22.1R3-S5, 22.2R3-S3,
22.4R3-S1, 23.2R2, 23.4R2, 24.1R1, and all subsequent releases.

This issue is being tracked as PR 1781732 which is visible on the Customer
Support website.

Note: Juniper SIRT's policy is not to evaluate releases which are beyond End of
Engineering (EOE) or End of Life (EOL).

Workaround:

See Solution section above for effective mitigation techniques.

Modification History:

  o 2024-01-25: Initial Publication.

Related Information:

  o KB16613: Overview of the Juniper Networks SIRT Quarterly Security Bulletin
    Publication Process
  o KB16765: In which releases are vulnerabilities fixed?
  o KB16446: Common Vulnerability Scoring System (CVSS) and Juniper's Security
    Advisories
  o Report a Security Vulnerability - How to Contact the Juniper Networks
    Security Incident Response Team
  o CVE-2023-48795 at cve.mitre.org

Acknowledgements

  o Researchers from the Ruhr University Bochum developed the Terrapin attack
    and also discovered exploitable implementation flaws in AsyncSSH.
  o Terrapin Attack: Breaking SSH Channel Integrity By Sequence Number
    Manipulation, Fabian Baumer, Marcus Brinkmann, Jorg Schwenk.

Last Updated: 2024-01-25
Created:      2024-01-25

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: https://auscert.org.au/gpg-key/

iQIVAwUBZbc5JckNZI30y1K9AQjgyA//ddrKcJZEUTr2mlsClczayjqSOe0zvp49
oA49KnBFEJGzD9pggG5NDSqkOyTdWvNZSKhwY0LqBs1z0p1lelVWo/m9XeXR5yTn
pBFheFvIgMNNf0yM2r4GmN9lPphyd0cZEoTRRZQ7XxI9DQ6vySfYObZbnND0gOVV
iLpNZRghEilroxZBPB8cZadYLwGD+zH4KGNQSBiJDK75hRFj9tOtzryEKKRmzOuO
b6GMtJf5Phf7mjRBymGEp1HV9LyoGFMtoG70lIQrq9XKI7/A7mKxxy68n8AAs6fL
TinTWBTQRqvyWnGiGi0PImsfJ2otwzZ5TCZ22vtUGV3KJQRztqM74btFMIiZFM5p
SlWEisxeccLJwbbVE5UNl6QMkxe0M7RXO0BInkxspVLoySiMXwnbCCWqFPpgZJDa
cL4MUUnMUsXqbZWmMYF11okGfNsBoTFryez6j13VO4K87kkd//4fjZlzP2cdfQuj
rA94NC4uouq4/LEfaJiRo2KUzavnKZgERtKbK3Jlel75WmtXkjMSZF2JvfxBMG0Q
aN7xCFIseJikctc+JjEurIiO/83njRheUHdxw7no45WctB/KBU0PBcltwTZWz7u0
NIU96qMAkF6tp/yVEfJtrkrot5O48zKr2PpXrARZbDuOtU5EjD29/4fTyWYzsjpK
CGvUoCDdBo0=
=vWks
-----END PGP SIGNATURE-----