CVE-2020-1616— JATP Series: JATP Is susceptible to slow brute force attacks on the SSH service.

CVSS 5.3 · Medium EPSS 0.54% · P68 Updated Feb 24, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2020-1616

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

JATP Series: JATP Is susceptible to slow brute force attacks on the SSH service.

Source: NVD (National Vulnerability Database)

Vulnerability Description

Due to insufficient server-side login attempt limit enforcement, a vulnerability in the SSH login service of Juniper Networks Juniper Advanced Threat Prevention (JATP) Series and Virtual JATP (vJATP) devices allows an unauthenticated, remote attacker to perform multiple login attempts in excess of the configured login attempt limit. Successful exploitation will allow the attacker to perform brute-force password attacks on the SSH service. This issue affects: Juniper Networks JATP and vJATP versions prior to 5.0.6.0.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Juniper Networks JATP和vJATP 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Juniper NetworksJATP和vJATP中的SSH登录服务存在安全漏洞，该漏洞源于在服务器端程序没有充分实现对请求次数的限制。攻击者可通过发送大量的登录请求利用该漏洞获取用户凭据。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Juniper Networks	JATP	unspecified ~ 5.0.6.0	-

II. Public POCs for CVE-2020-1616

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2020-1616

请登录查看更多情报信息。

https://kb.juniper.net/JSA10999x_refsource_MISC
https://nvd.nist.gov/vuln/detail/CVE-2020-1616

Same Patch Batch · Juniper Networks · 2020-04-08 · 22 CVEs total

CVE-2020-1614	10.0 CRITICAL	NFX250 Series: Hardcoded credentials in the vSRX VNF instance.
CVE-2020-1615	9.8 CRITICAL	Junos OS: vMX: Default credentials supplied in vMX configuration
CVE-2020-1613	8.6 HIGH	Junos OS: BGP session termination upon receipt of specific BGP FlowSpec advertisement.
CVE-2020-1626	7.5 HIGH	Junos OS Evolved: Denial of Service vulnerability in processing high rate of specific pack
CVE-2020-1617	7.5 HIGH	Junos OS: PTX1000 and PTX10000 Series, QFX10000 Series using non-AFT architectures: A spec
CVE-2020-1638	7.5 HIGH	Junos OS & Junos OS Evolved: A specific IPv4 packet can lead to FPC restart.
CVE-2020-1627	7.5 HIGH	Junos OS: vMX and MX150: Denial of Service vulnerability in packet processing
CVE-2020-1634	7.5 HIGH	Junos OS: High-End SRX Series: Multicast traffic might cause all FPCs to reset.
CVE-2020-1639	7.5 HIGH	Junos OS: A crafted Ethernet OAM packet received by Junos may cause the Ethernet OAM conne
CVE-2020-1637	7.2 HIGH	Junos OS: SRX Series: Unified Access Control (UAC) bypass vulnerability
CVE-2020-1625	6.5 MEDIUM	Junos OS: Kernel memory leak in virtual-memory due to interface flaps
CVE-2020-1618	6.3 MEDIUM	Junos OS: EX and QFX Series: Console port authentication bypass vulnerability
CVE-2020-1619	6.0 MEDIUM	Junos OS: QFX10K Series, EX9200 Series, MX Series, PTX Series: Privilege escalation vulner
CVE-2020-1629	5.9 MEDIUM	Junos OS: A race condition vulnerability may cause RPD daemon to crash when processing a B
CVE-2020-1624	5.5 MEDIUM	Junos OS Evolved: objmon logs may leak sensitive information
CVE-2020-1622	5.5 MEDIUM	Junos OS Evolved: EvoSharedObjStore may leak sensitive information
CVE-2020-1623	5.5 MEDIUM	Junos OS Evolved: ev.ops file may leak sensitive information
CVE-2020-1620	5.5 MEDIUM	Junos OS Evolved: Configd leaks hashes via log file and is world readable
CVE-2020-1621	5.5 MEDIUM	Junos OS Evolved: Configd leaks hashes via stream and is world readable
CVE-2020-1628	5.3 MEDIUM	Junos OS: EX4300: Traffic from the network internal to the device (128.0.0.0) may be forwa

Showing top 20 of 22 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same vendor: Juniper Networks

V. Comments for CVE-2020-1616

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2020-1616— JATP Series: JATP Is susceptible to slow brute force attacks on the SSH service.

I. Basic Information for CVE-2020-1616

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2020-1616

III. Intelligence Information for CVE-2020-1616

Same Patch Batch · Juniper Networks · 2020-04-08 · 22 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2020-1616

Leave a comment