CVE-2019-0042
CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:H
Summary
Juniper Identity Management Service (JIMS) for Windows versions prior to 1.1.4 may send an incorrect message to associated SRX services gateways. This may allow an attacker with physical access to an existing domain connected Windows system to bypass SRX firewall policies, or trigger a Denial of Service (DoS) condition for the network.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Juniper Networks | Juniper Identity Management Service | unspecified < 1.1.4 | affected |
Weaknesses
- CWE-404: CWE-404 Improper Resource Shutdown or Release
- CWE-305: CWE-305 Authentication Bypass by Primary Weakness
- CWE-669: CWE-669 Incorrect Resource Transfer Between Spheres
Workarounds
On the domain controller(s), edit GPO policy for Computer Configuration->Policies->Windows Settings->Security Settings->Local Policies->Audit Policy. Uncheck "Failure" for "Audit account logon events". This option is unchecked by default. In the cmd prompt, enter "gpupdate /force" to immediately update the policy change.
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.