CVE-2019-0042

MEDIUM

Juniper Identity Management Service < 1.1.4 - Denial of Service

Title source: rule

Description

Juniper Identity Management Service (JIMS) for Windows versions prior to 1.1.4 may send an incorrect message to associated SRX services gateways. This may allow an attacker with physical access to an existing domain connected Windows system to bypass SRX firewall policies, or trigger a Denial of Service (DoS) condition for the network.

References (1)

[Mitigation, Vendor Advisory] https://kb.juniper.net/JSA10934

Scores

CVSS v3 4.2

EPSS 0.0005

EPSS Percentile 14.3%

Attack Vector PHYSICAL

CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-669 CWE-305 CWE-404

Status published

Products (1)

juniper/identity_management_service < 1.1.4

Published Apr 10, 2019

Tracked Since Feb 18, 2026