1. Home
  2. CVE Database
  3. CVE-2013-5097
MEDIUM · 4.0

CVE-2013-5097

Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly restrict access to the list of user accounts and their MD5 password hashes, which makes it...

Vulnerability Description

Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly restrict access to the list of user accounts and their MD5 password hashes, which makes it easier for remote authenticated users to obtain sensitive information via a dictionary attack, aka PR 879462.

CVSS Score

4.0

MEDIUM

AV:N/AC:L/Au:S/C:P/I:N/A:N
Confidentiality
PARTIAL
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
JuniperJunos Space11.1
JuniperJunos Space Virtual Appliance-
JuniperJunos Space Ja1500 Appliance-

Related Weaknesses (CWE)

CWE-264

References

FAQ

What is CVE-2013-5097?

CVE-2013-5097 is a vulnerability with a CVSS score of 4.0 (MEDIUM). Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, does not properly restrict access to the list of user accounts and their MD5 password hashes, which makes it...

How severe is CVE-2013-5097?

CVE-2013-5097 has been rated MEDIUM with a CVSS base score of 4.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2013-5097?

Check the references section above for vendor advisories and patch information. Affected products include: Juniper Junos Space, Juniper Junos Space Virtual Appliance, Juniper Junos Space Ja1500 Appliance.