Juniper Networks CTP OS Weak Password Requirements Vulnerability
Vulnerability
A vulnerability exists in Juniper Networks CTP OS versions 9.2R1 and 9.2R2 due to weak password requirements not being properly enforced. This flaw allows an unauthenticated, network-based attacker to exploit local accounts with weak passwords, potentially gaining full control of the device. Although the password management menu allows administrators to set complexity requirements, these settings are not saved. The issue can be verified using the 'Show password requirements' menu option. The failure to enforce password requirements increases the likelihood of unauthorized access.
Impact
Exploitation of this vulnerability could lead to unauthorized access and control over the affected device.
Remediation
Users can upgrade to CTP OS version 9.3R1 or any subsequent release to address this vulnerability. Additionally, access lists or firewall filters can be used to restrict access to the command-line interface (CLI) to trusted hosts and administrators only.
