|Submitted||Dec. 19, 2015|
MuckRock users can file, duplicate, track, and share public records requests like this one. Learn more.
To Whom It May Concern:
This is a request under the Freedom of Information Act. I hereby request the following records:
Disclosure timeline and decision making rationale for disclosure of Juniper ScreenOS keying vulnerability Dec-2015, "Unauthorized code in ScreenOS that could allow a knowledgeable attacker to gain administrative access to NetScreen® devices and to decrypt VPN connections. ", as part of the Vulnerabilities Equities Process. Please include timeline for initial discovery with source of discovery, first operational use, and finally, date for vendor notification. See https://forums.juniper.net/t5/Security-Incident-Response/Important-Announcement-about-ScreenOS/ba-p/285554 for context regarding this vulnerability. Thank you!
The requested documents will be made available to the general public, and this request is not being made for commercial purposes.
In the event that there are fees, I would be grateful if you would inform me of the total charges in advance of fulfilling my request. I would prefer the request filled electronically, by e-mail attachment if available or CD-ROM, DVD-R, or BD-R if not.
Thank you in advance for your anticipated cooperation in this matter. I look forward to receiving your response to this request within 20 business days, as the statute requires.
The request has been rejected, with the agency stating that it can neither confirm nor deny the existence of the requested documents.