Description
A Weak Password Requirements vulnerability in the password management function of Juniper Networks CTP OS might allow an unauthenticated, network-based attacker to exploit weak passwords of local accounts and potentially take full control of the device.

The password management menu enables the administrator to set password complexity requirements, but these settings are not saved. The issue can be verified with the menu option "Show password requirements". Failure to enforce the intended requirements can lead to weak passwords being used, which significantly increases the likelihood that an attacker can guess these and subsequently attain unauthorized access.

This issue affects CTP OS versions 9.2R1 and 9.2R2.
Published: 2026-04-09
Score: 9.1 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Remote Unauthorized Access and Full Device Control via Weak Passwords
Action: Immediate Patch
AI Analysis

Impact

Juniper Networks CTP OS contains a weakness in its password management function. The console interface advertises password complexity requirements that are never saved, allowing administrators to set conditions that do not take effect. This flaw means that local user accounts can be created or changed with passwords that do not meet any strength criteria, leaving them vulnerable to brute‑force or other guessing attacks. An attacker who can reach the device over the network and has no credentials could therefore guess a weak password and gain full administrative access, enabling them to compromise, modify, or delete the device configuration, or use the device as a pivot point for further attacks. The vulnerability is a classic example of poor password policy enforcement (CWE‑521).

Affected Systems

The issue affects Juniper Networks CTP OS versions 9.2R1 and 9.2R2. The vendor has addressed the problem in later releases, namely 9.3R1 and all subsequent builds. No other vendors or product families are listed in the advisory.

Risk and Exploitability

The advisory carries two scores: CVSS v3.1 7.4 (High, AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N) and CVSS v4.0 9.1 (Critical, AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N, AU:Y). A base score measures severity, not likelihood of exploitation; the EPSS estimate for this issue is below 1%. AC:H in v3.1 and AT:P in v4.0 both encode the same precondition: at least one local account must actually carry a weak password, which this bug makes likely but does not guarantee, and AU:Y records that the guessing itself can be automated. The attacker is unauthenticated and network‑based, so the guessing surface is whatever remote management service authenticates local accounts; the advisory does not name the service, and a serial console is not reachable over the network. The issue is not in the CISA KEV catalog. A fix is available and password guessing costs an attacker little, so devices whose management interface is reachable from untrusted networks should be patched promptly; until then, any affected device with a weak local password can be taken over.

Generated by OpenCVE AI on April 9, 2026 at 23:26 UTC.

Remediation

Vendor Solution

The following software releases have been updated to resolve this specific issue: 9.3R1, and all subsequent releases.

Vendor Workaround

Use access lists or firewall filters to limit access to the CLI only from trusted hosts and administrators.

OpenCVE Recommended Actions

  • Update Juniper CTP OS to version 9.3R1 or newer to apply the vendor patch that correctly enforces password requirements.
  • If an immediate upgrade is not possible, limit CLI access to trusted hosts by configuring access lists or firewall filters, thereby restricting the attack surface for credential guessing.
  • After upgrading, re-enter the intended password requirements and confirm with the "Show password requirements" menu option that they persist. The patch only governs passwords set from then on, so rotate every local account password that was set while the device ran 9.2R1 or 9.2R2 and confirm the new passwords meet the policy.
  • Periodically review and test the password policy enforcement (for example by attempting to set a password that the policy should reject) to ensure that the configuration is being applied as intended.
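As an added example (not Juniper's code and not part of the original advisory), the following Python models the audit the last two actions ask for: the same constructed sample accounts are checked against the policy an administrator intended to configure and against the empty policy that is actually in force when the settings are not saved, and the two policies are diffed the way an administrator would by reading "Show password requirements" back. The rule set (minimum length, character classes, username check, denylist), the sample accounts and the policy field names are assumptions for illustration; the advisory does not enumerate the real CTP OS settings or the format of that menu output.

```python
"""Local-account password audit, modelled on the complexity requirements the
CTP OS password management menu is supposed to enforce.

Added example, not Juniper code. The rule set (minimum length, character
classes, no username inside the password, a short denylist) and the sample
accounts are assumptions for illustration; the advisory does not enumerate the
real CTP OS settings or the format of "Show password requirements".
"""
from dataclasses import dataclass, fields
from typing import Dict, List


@dataclass(frozen=True)
class PasswordPolicy:
    min_length: int = 12
    min_classes: int = 3          # out of: lower, upper, digit, other
    forbid_username: bool = True
    denylist: frozenset = frozenset({"password", "juniper", "admin", "ctp", "123456"})


# What the administrator configures in the password management menu.
INTENDED = PasswordPolicy()

# What is effectively in force on 9.2R1/9.2R2 when those settings do not save:
# no length, class, username or denylist rule at all.
UNENFORCED = PasswordPolicy(min_length=0, min_classes=0,
                            forbid_username=False, denylist=frozenset())

# Constructed sample accounts (not real credentials).
SAMPLE_ACCOUNTS = {
    "admin": "admin123",               # short, two classes, contains username
    "ops": "Juniper",                  # short, two classes, on the denylist
    "netops": "Tr4ffic-Shaping!2026",  # meets every INTENDED rule
}


def char_classes(pw: str) -> int:
    """Number of distinct character classes present: lower, upper, digit, other."""
    tests = (str.islower, str.isupper, str.isdigit, lambda c: not c.isalnum())
    return sum(1 for test in tests if any(test(c) for c in pw))


def check_password(pw: str, username: str, policy: PasswordPolicy) -> List[str]:
    """Names of the policy rules pw violates; an empty list means it passes."""
    failures = []
    if len(pw) < policy.min_length:
        failures.append(f"length<{policy.min_length}")
    if char_classes(pw) < policy.min_classes:
        failures.append(f"classes<{policy.min_classes}")
    if policy.forbid_username and username.lower() in pw.lower():
        failures.append("contains-username")
    if pw.lower() in policy.denylist:
        failures.append("denylisted")
    return failures


def audit(accounts: Dict[str, str], policy: PasswordPolicy) -> Dict[str, List[str]]:
    """Accounts whose password fails the policy, mapped to their violations."""
    report = {}
    for user, pw in accounts.items():
        failures = check_password(pw, user, policy)
        if failures:
            report[user] = failures
    return report


def policy_drift(effective: PasswordPolicy, intended: PasswordPolicy) -> List[str]:
    """Settings whose live value differs from what was configured. This is the
    comparison an admin makes by reading "Show password requirements" back
    after saving: on an affected release every field drifts."""
    return [f.name for f in fields(PasswordPolicy)
            if getattr(effective, f.name) != getattr(intended, f.name)]


if __name__ == "__main__":
    print("drifted settings:", policy_drift(UNENFORCED, INTENDED))
    print("weak under intended policy:", audit(SAMPLE_ACCOUNTS, INTENDED))
    print("weak under unenforced policy:", audit(SAMPLE_ACCOUNTS, UNENFORCED))
```

Run stand-alone, the script reports all four settings as drifted, flags `admin` and `ops` under the intended policy, and flags nothing under the unenforced one, which is exactly the silent failure the advisory describes: the device accepts every password because the policy it is checking against is empty.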

Advisories

No advisories yet.

References
History

Fri, 10 Apr 2026 09:00:00 +0000

First Time appeared (values added): Juniper Networks; Juniper Networks ctp Os
Vendors & Products (values added): Juniper Networks; Juniper Networks ctp Os

Thu, 09 Apr 2026 22:00:00 +0000

Values added (no values removed):

Description: A Weak Password Requirements vulnerability in the password management function of Juniper Networks CTP OS might allow an unauthenticated, network-based attacker to exploit weak passwords of local accounts and potentially take full control of the device. The password management menu enables the administrator to set password complexity requirements, but these settings are not saved. The issue can be verified with the menu option "Show password requirements". Failure to enforce the intended requirements can lead to weak passwords being used, which significantly increases the likelihood that an attacker can guess these and subsequently attain unauthorized access. This issue affects CTP OS versions 9.2R1 and 9.2R2.
Title: CTP OS: Configuring password requirements does not work which permits the use of weak passwords
Weaknesses: CWE-521
References:
Metrics:
  cvssV3_1: {'score': 7.4, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N'}
  cvssV4_0: {'score': 9.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/AU:Y/RE:M'}

MITRE

Status: PUBLISHED

Assigner: juniper

Published:

Updated: 2026-04-09T21:33:57.007Z

Reserved: 2026-03-23T19:46:13.667Z

Link: CVE-2026-33771

Vulnrichment

No data.

NVD

Status : Received

Published: 2026-04-09T22:16:25.430

Modified: 2026-04-09T22:16:25.430

Link: CVE-2026-33771

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-10T09:27:56Z

Weaknesses