PT-2017-11401 · Juniper Networks · Junos
Published
2017-07-14
·
Updated
2019-10-09
·
CVE-2017-10604
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Junos OS versions prior to 12.1X46-D65 on SRX series
Junos OS versions prior to 12.3X48-D45 on SRX series
Junos OS versions prior to 15.1X49-D75 on SRX series
Description
The issue occurs when a device is configured for account lockout with a defined time period. An unauthenticated user attempting to log in as root with an incorrect password can trigger a lockout of the root account. This can cause errors during cluster sync or failover operations on SRX Series devices in cluster mode. Administrators can verify the lockout status of the root account using the command
show system login lockout user root.Recommendations
For Junos OS versions prior to 12.1X46-D65 on SRX series, update to version 12.1X46-D65 or later.
For Junos OS versions prior to 12.3X48-D45 on SRX series, update to version 12.3X48-D45 or later.
For Junos OS versions prior to 15.1X49-D75 on SRX series, update to version 15.1X49-D75 or later.
Fix
Improper Restriction of Excessive Authentication Attempts
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Junos