Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly restrict access to the list of user accounts and their MD5 password hashes, which makes it easier for remote authenticated users to obtain sensitive information via a dictionary attack, aka PR 879462.
References
Link | Resource |
---|---|
http://kb.juniper.net/JSA10585 | Patch |
http://www.securitytracker.com/id/1028923 |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2013-08-16T10:00:00
Updated: 2013-09-12T09:00:00
Reserved: 2013-08-09T00:00:00
Link: CVE-2013-5097
JSON object: View
NVD Information
Status : Modified
Published: 2013-08-16T14:01:36.597
Modified: 2013-09-12T03:37:21.490
Link: CVE-2013-5097
JSON object: View
Redhat Information
No data.
CWE