CVE-2019-0039: Improper Restriction of Excessive Authentication Attempts in Juniper Networks Junos OS

Severity
8.1 HIGH (NVD)
EPSS
0.3%
top 47.66%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published: Apr 10
Latest update: May 13

Description

If REST API is enabled, the Junos OS login credentials are vulnerable to brute force attacks. The high default connection limit of the REST API may allow an attacker to brute-force passwords using advanced scripting techniques. Additionally, administrators who do not enforce a strong password policy can increase the likelihood of success from brute force attacks. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D49; 15.1 versions prior to 15.1F6-S12, 15.1R7-S3;

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 2.2 | Impact: 5.9

Affected Packages (3 packages)

CVEListV5 | juniper_networks/junos_os | 14.1X53 | 14.1X53-D49 | +14
NVD | juniper/junos | 14.1x53 | 14.1x53-d49 | +14

🔴 Vulnerability Details

1
GHSA
GHSA-6q78-gprw-j4gg: If REST API is enabled, the Junos OS login credentials are vulnerable to brute force attacks (2022-05-13)

📋 Vendor Advisories

1
Juniper
CVE-2019-0039: If REST API is enabled, the Junos OS login credentials are vulnerable to brute force attacks. The high default connection limit of the REST API may al (2019-04-10)

📐 Framework References

1
CWE
Improper Restriction of Excessive Authentication Attempts
CVE-2019-0039 — Juniper Networks Junos OS vulnerability | cvebase