Vulnerabilities > CVE-2019-0042 - Unspecified vulnerability in Juniper Identity Management Service

CVSS 4.2 - MEDIUM

Attack vector

PHYSICAL

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

high complexity

juniper

NVD

Published: 2019-04-10

Updated: 2021-10-28

Summary

Juniper Identity Management Service (JIMS) for Windows versions prior to 1.1.4 may send an incorrect message to associated SRX services gateways. This may allow an attacker with physical access to an existing domain connected Windows system to bypass SRX firewall policies, or trigger a Denial of Service (DoS) condition for the network.

Vulnerable Configurations

Part	Description	Count
Application	Juniper Juniper Identity Management Service - Juniper Identity Management Service 1.0.0 Juniper Identity Management Service 1.0.3 Juniper Identity Management Service 1.1.2 Juniper Identity Management Service 1.1.3	5

References

https://kb.juniper.net/JSA10934