{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"NetScreen-Security Manager 2004.","product":{"name":"Security","vendor":{"name":"ESET","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nL'installation par d\u00e9faut de NetScreen-Security Manager ne met pas en\n\u0153uvre de chiffrement lorsque celui-ci communique avec les divers\n\u00e9quipements NetScreen.\n\nCette vuln\u00e9rabilit\u00e9 permet \u00e0 un individu mal intentionn\u00e9 d'intercepter\nles donn\u00e9es de configuration transitant en clair sur le r\u00e9seau.\n\n## Solution\n\nActiver le chiffrement AES 128-bit entre le NetScreen-Security Manager\net les divers \u00e9quipements poss\u00e9dant ScreenOS 5.0 (cf. Documentation).\n","cves":[],"links":[],"reference":"CERTA-2004-AVI-015","revisions":[{"description":"version initiale.","revision_date":"2004-01-22T00:00:00.000000"}],"risks":[{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"}],"summary":"Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte lors de l'utilisation de\nNetScreen-Security Manager 2004 avec des \u00e9quipements poss\u00e9dant la\nversion 5.0 de ScreenOS.\n","title":"Vuln\u00e9rabilit\u00e9 dans NetScreen-Security Manager 2004","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 NetScreen #58290","url":"http://www.netscreen.com/services/security/alerts/58290.txt"}]}