CVE-2019-0042 Information

Description

Juniper Identity Management Service (JIMS) for Windows versions prior to 1.1.4 may send an incorrect message to associated SRX services gateways. This may allow an attacker with physical access to an existing domain connected Windows system to bypass SRX firewall policies or trigger a Denial of Service (DoS) condition for the network.

CVSS Vector

CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Reference

https://kb.juniper.net/JSA10934

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

NONE

Base Score

HIGH

Base Severity

4.2