CVE-2020-1616

Name of the Vulnerable Software and Affected Versions: Juniper Networks JATP and vJATP versions prior to 5.0.6.0

Description: The issue is related to insufficient server-side login attempt limit enforcement in the SSH login service, allowing an unauthenticated, remote attacker to perform multiple login attempts in excess of the configured login attempt limit. This enables the attacker to perform brute-force password attacks on the SSH service.

Recommendations: For Juniper Networks JATP and vJATP versions prior to 5.0.6.0, update to version 5.0.6.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the SSH service to minimize the risk of exploitation.