- Description
- Juniper Identity Management Service (JIMS) for Windows versions prior to 1.1.4 may send an incorrect message to associated SRX services gateways. This may allow an attacker with physical access to an existing domain connected Windows system to bypass SRX firewall policies, or trigger a Denial of Service (DoS) condition for the network.
- Source
- sirt@juniper.net
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 4.2
- Impact score
- 3.6
- Exploitability score
- 0.5
- Vector string
- CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
- Severity
- MEDIUM
CVSS 3.0
- Type
- Secondary
- Base score
- 5.7
- Impact score
- 4.7
- Exploitability score
- 0.5
- Vector string
- CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:H
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 1.9
- Impact score
- 2.9
- Exploitability score
- 3.4
- Vector string
- AV:L/AC:M/Au:N/C:N/I:N/A:P
- nvd@nist.gov
- NVD-CWE-noinfo
- sirt@juniper.net
- CWE-305
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:juniper:identity_management_service:*:*:*:*:*:windows:*:*",
"vulnerable": true,
"matchCriteriaId": "00195B94-8F8C-466E-BE59-F41061E9CC0D",
"versionEndExcluding": "1.1.4"
}
],
"operator": "OR"
}
]
}
]