CVE-2013-5097
Last modified
CVE-2013-5097 is a vulnerability of currently unknown severity. Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly restrict access to the list of user accounts and their MD5 password hashes, which makes it easier for remote authenticated users to obtain sensitive information via a dictionary attack, aka PR 879462.. EPSS estimates a 1.34% chance of exploitation in the next 30 days.
Description
Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly restrict access to the list of user accounts and their MD5 password hashes, which makes it easier for remote authenticated users to obtain sensitive information via a dictionary attack, aka PR 879462.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Juniper | Junos Space | 11.1 |
| Juniper | Junos Space | 11.2 |
| Juniper | Junos Space | 11.3 |
| Juniper | Junos Space | 11.4 |
| Juniper | Junos Space | 12.1 |
| Juniper | Junos Space | 12.2 |
| Juniper | Junos Space | 12.3 |
| Juniper | Junos Space Virtual Appliance | All versions |
| Juniper | Junos Space Ja1500 Appliance | All versions |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2013-5097?
How severe is CVE-2013-5097?
How do I fix CVE-2013-5097?
Are you affected by CVE-2013-5097?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST