CVE-2019-0039

10.04.2019, 20:29

If REST API is enabled, the Junos OS login credentials are vulnerable to brute force attacks. The high default connection limit of the REST API may allow an attacker to brute-force passwords using advanced scripting techniques. Additionally, administrators who do not enforce a strong password policy can increase the likelihood of success from brute force attacks. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D49; 15.1 versions prior to 15.1F6-S12, 15.1R7-S3; 15.1X49 versions prior to 15.1X49-D160; 15.1X53 versions prior to 15.1X53-D236, 15.1X53-D495, 15.1X53-D591, 15.1X53-D69; 16.1 versions prior to 16.1R3-S10, 16.1R4-S12, 16.1R6-S6, 16.1R7-S3; 16.1X65 versions prior to 16.1X65-D49; 16.2 versions prior to 16.2R2-S7; 17.1 versions prior to 17.1R2-S10, 17.1R3; 17.2 versions prior to 17.2R1-S8, 17.2R3-S1; 17.3 versions prior to 17.3R3-S2; 17.4 versions prior to 17.4R1-S6, 17.4R2-S2; 18.1 versions prior to 18.1R2-S4, 18.1R3-S1; 18.2 versions prior to 18.2R1-S5; 18.2X75 versions prior to 18.2X75-D30; 18.3 versions prior to 18.3R1-S1.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	8.1 HIGH	NETWORK	HIGH	NONE	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
juniper	CNA	5.3 MEDIUM	NETWORK	LOW	NONE	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 51%

Vendor	Product	Version
juniper	junos	14.1x53 ≤ 𝑥 < 14.1x53-d49
juniper	junos	15.1 ≤ 𝑥 < 15.1f6-s12
juniper	junos	15.1x49 ≤ 𝑥 < 15.1x49-d160
juniper	junos	15.1x53 ≤ 𝑥 < 15.1x53-d236
juniper	junos	16.1 ≤ 𝑥 < 16.1r3-s10
juniper	junos	16.1x65 ≤ 𝑥 < 16.1x65-d49
juniper	junos	16.2 ≤ 𝑥 < 16.2r2-s7
juniper	junos	17.1 ≤ 𝑥 < 17.1r2-s10
juniper	junos	17.2 ≤ 𝑥 < 17.2r1-s8
juniper	junos	17.3 ≤ 𝑥 < 17.3r3-s2
juniper	junos	17.4 ≤ 𝑥 < 17.4r1-s6
juniper	junos	18.1 ≤ 𝑥 < 18.1r2-s4
juniper	junos	18.2 ≤ 𝑥 < 18.2r1-s5
juniper	junos	18.2x75 ≤ 𝑥 < 18.2x75-d30
juniper	junos	18.3 ≤ 𝑥 < 18.3r1-s1

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-307 - Improper Restriction of Excessive Authentication Attempts
The product does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it more susceptible to brute force attacks.

References

http://www.securityfocus.com/bid/107899

https://kb.juniper.net/JSA10928

http://www.securityfocus.com/bid/107899

https://kb.juniper.net/JSA10928