Lucene search

[email protected]NVD:CVE-2013-5097

HistoryAug 16, 2013 - 2:01 p.m.

CVE-2013-5097

2013-08-1614:01:36

CWE-264

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

AI Score

5.9

Confidence

Low

EPSS

0.001

Percentile

46.5%

JSON

Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly restrict access to the list of user accounts and their MD5 password hashes, which makes it easier for remote authenticated users to obtain sensitive information via a dictionary attack, aka PR 879462.

Affected configurations

NVD

Node

juniperjunos_spaceMatch11.1

juniperjunos_spaceMatch11.2

juniperjunos_spaceMatch11.3

juniperjunos_spaceMatch11.4

juniperjunos_spaceMatch12.1

juniperjunos_spaceMatch12.2

juniperjunos_spaceMatch12.3

AND

juniperjunos_space_virtual_applianceMatch-

juniperjunos_space_ja1500_applianceMatch-

References

kb.juniper.net/JSA10585

www.securitytracker.com/id/1028923

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

AI Score

5.9

Confidence

Low

EPSS

0.001

Percentile

46.5%

JSON

Related for NVD:CVE-2013-5097

prion1 cvelist1 cve1 nessus1