CVE-2020-1661 Junos OS: jdhcpd process crash when forwarding a malformed DHCP packet.

On Juniper Networks Junos OS devices configured as a DHCP forwarder, the Juniper Networks Dynamic Host Configuration Protocol Daemon jdhcp process might crash when receiving a malformed DHCP packet. This issue only affects devices configured as DHCP forwarder with forward-only option, that forwar...

Juniper Networks Junos OS Input Validation Error Vulnerability (CNVD-2020-33671)

Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The OS provides a secure programming interface and the Junos SDK. An input validation error vulnerability exists in Juniper Networks Junos OS 12.3X48. An attacker could exploit this...

CVE-2020-1634

On High-End SRX Series devices, in specific configurations and when specific networking events or operator actions occur, an SPC receiving genuine multicast traffic may core. Subsequently, all FPCs in a chassis may reset causing a Denial of Service. This issue affects both IPv4 and IPv6. This iss...

Juniper JSA10970

The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the JSA10970 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self- reported version numbe...

CVE-2020-1600 Junos OS: A specific SNMP command can trigger a high CPU usage Denial of Service in the RPD daemon.

In a Point-to-Multipoint P2MP Label Switched Path LSP scenario, an uncontrolled resource consumption vulnerability in the Routing Protocol Daemon RPD in Juniper Networks Junos OS allows a specific SNMP request to trigger an infinite loop causing a high CPU usage Denial of Service DoS condition...

CVE-2019-0068 Junos OS: SRX Series: Denial of Service vulnerability in flowd due to multicast packets

The SRX flowd process, responsible for packet forwarding, may crash and restart when processing specific multicast packets. By continuously sending the specific multicast packets, an attacker can repeatedly crash the flowd process causing a sustained Denial of Service. This issue affects Juniper...

Juniper Junos CVE-2019-0058 Local Privilege Escalation Vulnerability

Description Juniper Junos is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to gain elevated privileges. Juniper Junos 12.3X48 versions prior to 12.3X48-D80 are vulnerable Technologies Affected Juniper Junos 12.3X48 Juniper Junos 12.3X48-D10 Juniper...

Juniper Networks SRX5000 Junos OS Input Validation Error Vulnerability

The Juniper Networks SRX5000 is a 5000 Series security services gateway appliance from Juniper Networks, Inc.Junos OS is a network operating system dedicated to the company's hardware devices. An input validation error vulnerability exists in Juniper Networks SRX5000 in Junos OS versions 12.1X46,...

CVE-2018-0025 Junos OS: SRX Series: Credentials exposed when using HTTP and HTTPS Firewall Pass-through User Authentication

When an SRX Series device is configured to use HTTP/HTTPS pass-through authentication services, a client sending authentication credentials in the initial HTTP/HTTPS session is at risk that these credentials may be captured during follow-on HTTP/HTTPS requests by a malicious actor through a...

CVE-2018-0017 SRX Series: Denial of service vulnerability in flowd daemon on devices configured with NAT-PT

A vulnerability in the Network Address Translation - Protocol Translation NAT-PT feature of Junos OS on SRX series devices may allow a certain valid IPv6 packet to crash the flowd daemon. Repeated crashes of the flowd daemon can result in an extended denial of service condition for the SRX device...

CVE-2018-0009

On Juniper Networks SRX series devices, firewall rules configured to match custom application UUIDs starting with zeros can match all TCP traffic. Due to this issue, traffic that should have been blocked by other rules is permitted to flow through the device resulting in a firewall bypass...

CVE-2018-0001

A remote, unauthenticated attacker may be able to execute code by exploiting a use-after-free defect found in older versions of PHP through injection of crafted data via specific PHP URLs within the context of the J-Web process. Affected releases are Juniper Networks Junos OS: 12.1X46 versions...

CVE-2017-10621

A denial of service vulnerability in telnetd service on Juniper Networks Junos OS allows remote unauthenticated attackers to cause a denial of service. Affected Junos OS releases are: 12.1X46 prior to 12.1X46-D71; 12.3X48 prior to 12.3X48-D50; 14.1 prior to 14.1R8-S5, 14.1R9; 14.1X53 prior to...

CVE-2017-10608 SRX series: Junos OS: SRX series using IPv6 Sun/MS-RPC ALGs may experience flowd crash on processing packets.

Any Juniper Networks SRX series device with one or more ALGs enabled may experience a flowd crash when traffic is processed by the Sun/MS-RPC ALGs. This vulnerability in the Sun/MS-RPC ALG services component of Junos OS allows an attacker to cause a repeated denial of service against the target...

CVE-2017-10619 Junos: SRX cluster denial of service vulnerability in flowd due to multicast packets

When Express Path formerly known as service offloading is configured on Juniper Networks SRX1400, SRX3400, SRX3600, SRX5400, SRX5600, SRX5800 in high availability cluster configuration mode, certain multicast packets might cause the flowd process to crash, halting or interrupting traffic from...

Juniper SRX Series Appliance Junos OS Denial of Service Vulnerability

Juniper SRX Series devices are an SRX Series gateway device from Juniper Networks, Inc.Junos OS is the operating system used in them. The operating system provides a secure programming interface and the Junos SDK. A security vulnerability exists in the cluster mode of Junos OS versions 12.1X46,...

CVE-2016-1262

Juniper Junos OS before 12.1X46-D45, 12.1X47 before 12.1X47-D30, 12.1X48 before 12.3X48-D20, and 15.1X49 before 15.1X49-D30 on SRX series devices, when the Real Time Streaming Protocol Application Layer Gateway RTSP ALG is enabled, allow remote attackers to cause a denial of service flowd crash v...

Juniper Networks Junos OS SRX NSD Denial of Service Vulnerability

Junos OS is prone to a DoS vulnerability in the Network Security Daemon. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Juniper Networks Junos OS Local Security Bypass Vulnerability

Junos OS is prone to a local security bypass which may lead to complete administrative access. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVE-2015-3003

Juniper Junos 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D30, 12.1X47 before 12.1X47-D20, 12.3 before 12.3R9, 12.3X48 before 12.3X48-D10, 13.2 before 13.2R6, 13.3 before 13.3R5, 14.1 before 14.1R3, and 14.2 before 14.2R1 allows local users to gain privileges via crafted combinations of CL...