Junos OS is prone to a OpenSSL man in the middle security bypass vulnerability.
An attacker may leverage a MITM attack and decrypt and modify traffic from attacked client and server. The attack can only be performed between a vulnerable client and server.
New builds of Junos OS software are available from Juniper.
An attacker using a carefully crafted handshake can force the use of weak keying material in OpenSSL SSL/TLS clients and servers which can be exploited to perform a man in the middle attack.
Junos OS 11.4, 12.1, 12.2, 12.3, 13.1, 13.2 and 13.3
Check the OS build.
Updated on 2015-03-25