Paragon Active Assurance: Enabling the timescaledb enables IP forwarding
CVE-2023-28971

7.2 HIGH

Key Information:

Vendor
CVE Published: 17 April 2023

Summary

A vulnerability in the timescaledb feature of Juniper Networks' Paragon Active Assurance allows attackers to bypass critical firewall restrictions set for internal communications. The issue primarily affects customers who manage their own on-premises Control Centers: when the timescaledb feature is activated, it disrupts the existing firewall configuration. The result is unintended communication pathways between Test Agents and the Control Center, potentially exposing sensitive internal data. Customers using the Software as a Service (SaaS) version of Paragon Active Assurance are not affected, because the problematic service is not enabled there.

Affected Version(s)

Paragon Active Assurance < 4.1.2

CVSS V3.1

Score: 7.2
Severity: HIGH
Confidentiality: Low
Integrity: Low
Availability: Low
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved
