CVE-2019-0042

Summary

Juniper Identity Management Service (JIMS) for Windows versions prior to 1.1.4 may send an incorrect message to associated SRX services gateways. This may allow an attacker with physical access to an existing domain connected Windows system to bypass SRX firewall policies, or trigger a Denial of Service (DoS) condition for the network.

Affected Software

VendorProductVersion RangeStatus
Juniper NetworksJuniper Identity Management Serviceunspecified < 1.1.4affected

Weaknesses

  • CWE-404: CWE-404 Improper Resource Shutdown or Release
  • CWE-305: CWE-305 Authentication Bypass by Primary Weakness
  • CWE-669: CWE-669 Incorrect Resource Transfer Between Spheres

Workarounds

On the domain controller(s), edit GPO policy for Computer Configuration->Policies->Windows Settings->Security Settings->Local Policies->Audit Policy. Uncheck "Failure" for "Audit account logon events". This option is unchecked by default. In the cmd prompt, enter "gpupdate /force" to immediately update the policy change.

ADP Enrichment

CVE Program Container

Additional References

References