Lucene search

K

Mx2020 Security Vulnerabilities

cve
cve

CVE-2020-1608

Receipt of a specific MPLS or IPv6 packet on the core facing interface of an MX Series device configured for Broadband Edge (BBE) service may trigger a kernel crash (vmcore), causing the device to reboot. The issue is specific to the processing of packets destined to BBE clients connected to MX...

7.5CVSS

7.3AI Score

0.001EPSS

2020-01-15 09:15 AM
30
cve
cve

CVE-2019-0063

When an MX Series Broadband Remote Access Server (BRAS) is configured as a Broadband Network Gateway (BNG) with DHCPv6 enabled, jdhcpd might crash when receiving a specific crafted DHCP response message on a subscriber interface. The daemon automatically restarts without intervention, but...

7.5CVSS

7.7AI Score

0.001EPSS

2019-10-09 08:15 PM
42
cve
cve

CVE-2019-0065

On MX Series, when the SIP ALG is enabled, receipt of a certain malformed SIP packet may crash the MS-PIC component on MS-MIC or MS-MPC. By continuously sending a crafted SIP packet, an attacker can repeatedly bring down MS-PIC on MS-MIC/MS-MPC causing a sustained Denial of Service. This issue...

7.5CVSS

7.4AI Score

0.001EPSS

2019-10-09 08:15 PM
44
cve
cve

CVE-2019-0056

This issue only affects devices with three (3) or more MPC10's installed in a single chassis with OSPF enabled and configured on the device. An Insufficient Resource Pool weakness allows an attacker to cause the device's Open Shortest Path First (OSPF) states to transition to Down, resulting in a.....

7.5CVSS

7.5AI Score

0.001EPSS

2019-10-09 08:15 PM
40
cve
cve

CVE-2019-0007

The vMX Series software uses a predictable IP ID Sequence Number. This leaves the system as well as clients connecting through the device susceptible to a family of attacks which rely on the use of predictable IP ID sequence numbers as their base method of attack. This issue was found during...

10CVSS

9.2AI Score

0.002EPSS

2019-01-15 09:29 PM
28
cve
cve

CVE-2018-15504

An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. The server mishandles some HTTP request fields associated with time, which results in a NULL pointer dereference, as demonstrated by If-Modified-Since or If-Unmodified-Since with a month greater than...

7.5CVSS

7.5AI Score

0.005EPSS

2018-08-18 03:29 AM
22
cve
cve

CVE-2018-0002

On SRX Series and MX Series devices with a Service PIC with any ALG enabled, a crafted TCP/IP response packet processed through the device results in memory corruption leading to a flowd daemon crash. Sustained crafted response packets lead to repeated crashes of the flowd daemon which results in.....

8.2CVSS

6.1AI Score

0.001EPSS

2018-01-10 10:29 PM
30
cve
cve

CVE-2017-10611

If extended statistics are enabled via 'set chassis extended-statistics', when executing any operation that fetches interface statistics, including but not limited to SNMP GET requests, the pfem process or the FPC may crash and restart. Repeated crashes of PFE processing can result in an extended.....

6.5CVSS

5.7AI Score

0.001EPSS

2017-10-13 05:29 PM
33
cve
cve

CVE-2014-9708

Embedthis Appweb before 4.6.6 and 5.x before 5.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a Range header with an empty value, as demonstrated by "Range:...

8.9AI Score

0.064EPSS

2015-03-31 02:59 PM
27
4
cve
cve

CVE-2014-6382

The Juniper MX Series routers with Junos 13.3R3 through 13.3Rx before 13.3R6, 14.1 before 14.1R4, 14.1X50 before 14.1X50-D70, and 14.2 before 14.2R2, when configured as a broadband edge (BBE) router, allows remote attackers to cause a denial of service (jpppd crash and restart) by sending a...

6.8AI Score

0.003EPSS

2015-01-16 04:59 PM
19
Total number of security vulnerabilities60