CyberSec.Space Logo
CVEブラウザに戻る

CVE-2020-1616

MEDIUM
5.3
CVSS Severity Score
EPSS Score0.0340%
EPSS Percentile7.70th
Published2020年4月8日
Last Modified2024年11月21日

Vulnerability Description

Due to insufficient server-side login attempt limit enforcement, a vulnerability in the SSH login service of Juniper Networks Juniper Advanced Threat Prevention (JATP) Series and Virtual JATP (vJATP) devices allows an unauthenticated, remote attacker to perform multiple login attempts in excess of the configured login attempt limit. Successful exploitation will allow the attacker to perform brute-force password attacks on the SSH service. This issue affects: Juniper Networks JATP and vJATP versions prior to 5.0.6.0.

Affected Platforms (CPE)

📦
Juniper

Advanced Threat Protection

< 5.0.6.0
📦
Juniper

Virtual Advanced Threat Protection

< 5.0.6.0

References & Advisories

🔗 https://kb.juniper.net/JSA10999
🔗 https://kb.juniper.net/JSA10999

関連する脆弱性情報

CVE-2016-36459.8

Integer overflow in the TNEF unpacker in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection (ATP); Symantec Da...

CVE-2017-122448.6

A vulnerability in the detection engine parsing of IPv6 packets for Cisco Firepower System Software could allow an unauthenticated...

CVE-2016-63688.6

A vulnerability in the detection engine parsing of Pragmatic General Multicast (PGM) protocol packets for Cisco Firepower System S...

CVE-2018-02338.6

A vulnerability in the Secure Sockets Layer (SSL) packet reassembly functionality of the detection engine in Cisco Firepower Syste...