CVE-2013-5097

Published: Aug 16, 2013Modified: Apr 29, 2026

4.0

Vector

AV:N/AC:L/Au:S/C:P/I:N/A:N

Exploitability: 8.0 / Impact: 2.9

Source: NVD

Description

Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly restrict access to the list of user accounts and their MD5 password hashes, which makes it easier for remote authenticated users to obtain sensitive information via a dictionary attack, aka PR 879462.

Affected (9)

Products: Juniper: Junos Space, Junos Space Ja1500 Appliance, Junos Space Virtual Appliance

Juniper

3 products

Junos Space

Junos Space Ja1500 Appliance

Junos Space Virtual Appliance

Configuration A

9 vulnerable

Vulnerable Software	Affected Versions
Juniper Junos Space	Version 11.1
Juniper Junos Space	Version 11.2
Juniper Junos Space	Version 11.3
Juniper Junos Space	Version 11.4
Juniper Junos Space	Version 12.1
Juniper Junos Space	Version 12.2
Juniper Junos Space	Version 12.3
Juniper Junos Space Ja1500 Appliance	All versions
Juniper Junos Space Virtual Appliance	All versions

Related CWEs

CWE-264

References (4)

http://kb.juniper.net/JSA10585

Source: cve@mitre.org

Patch

http://www.securitytracker.com/id/1028923

Source: cve@mitre.org

http://kb.juniper.net/JSA10585

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.securitytracker.com/id/1028923

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.