CVE-2020-1661 Junos OS: jdhcpd process crash when forwarding a malformed DHCP packet.

On Juniper Networks Junos OS devices configured as a DHCP forwarder, the Juniper Networks Dynamic Host Configuration Protocol Daemon jdhcp process might crash when receiving a malformed DHCP packet. This issue only affects devices configured as DHCP forwarder with forward-only option, that forwar...

CVE-2020-1630 Junos OS: Privilege escalation vulnerability in dual REs, VC or HA cluster may allow unauthorized configuration change.

A privilege escalation vulnerability in Juniper Networks Junos OS devices configured with dual Routing Engines RE, Virtual Chassis VC or high-availability cluster may allow a local authenticated low-privileged user with access to the shell to perform unauthorized configuration modification. This...

Juniper JSA10970

The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the JSA10970 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self- reported version numbe...

CVE-2020-1600 Junos OS: A specific SNMP command can trigger a high CPU usage Denial of Service in the RPD daemon.

In a Point-to-Multipoint P2MP Label Switched Path LSP scenario, an uncontrolled resource consumption vulnerability in the Routing Protocol Daemon RPD in Juniper Networks Junos OS allows a specific SNMP request to trigger an infinite loop causing a high CPU usage Denial of Service DoS condition...

CVE-2019-0050

Under certain heavy traffic conditions srxpfe process can crash and result in a denial of service condition for the SRX1500 device. Repeated crashes of the srxpfe can result in an extended denial of service condition. The SRX device may fail to forward traffic when this condition occurs. Affected...

CVE-2019-0068 Junos OS: SRX Series: Denial of Service vulnerability in flowd due to multicast packets

The SRX flowd process, responsible for packet forwarding, may crash and restart when processing specific multicast packets. By continuously sending the specific multicast packets, an attacker can repeatedly crash the flowd process causing a sustained Denial of Service. This issue affects Juniper...

CVE-2019-0047 Junos OS: Persistent XSS vulnerability in J-Web

A persistent Cross-Site Scripting XSS vulnerability in Junos OS J-Web interface may allow remote unauthenticated attackers to perform administrative actions on the Junos device. Successful exploitation requires a Junos administrator to first perform certain diagnostic actions on J-Web. This issue...

Juniper Junos CVE-2019-0073 Local Insecure File Permissions Vulnerability

Description Juniper Junos is prone to a local insecure file-permission vulnerability. A local attacker can exploit this issue to access sensitive information stored in the file-system. The following versions of Junos are vulnerable. Juniper Junos 15.1X49 versions prior to 15.1X49-D180 Juniper Jun...

Juniper Networks SRX5000 Junos OS Input Validation Error Vulnerability

The Juniper Networks SRX5000 is a 5000 Series security services gateway appliance from Juniper Networks, Inc.Junos OS is a network operating system dedicated to the company's hardware devices. An input validation error vulnerability exists in Juniper Networks SRX5000 in Junos OS versions 12.1X46,...

CVE-2018-0055

Receipt of a specially crafted DHCPv6 message destined to a Junos OS device configured as a DHCP server in a Broadband Edge BBE environment may result in a jdhcpd daemon crash. The daemon automatically restarts without intervention, but a continuous receipt of crafted DHCPv6 packets could leaded ...

CVE-2018-0053

An authentication bypass vulnerability in the initial boot sequence of Juniper Networks Junos OS on vSRX Series may allow an attacker to gain full control of the system without authentication when the system is initially booted up. Affected releases are Juniper Networks Junos OS: 15.1X49 versions...

CVE-2018-0045

Receipt of a specific Draft-Rosen MVPN control packet may cause the routing protocol daemon RPD process to crash and restart or may lead to remote code execution. By continuously sending the same specific Draft-Rosen MVPN control packet, an attacker can repeatedly crash the RPD process causing a...

vSRX Series: A local authentication vulnerability may lead to full control of a vSRX instance while the system is booting.

An authentication bypass vulnerability in the initial boot sequence of Juniper Networks Junos OS on vSRX Series may allow an attacker to gain full control of the system without authentication when the system is initially booted up. Affected releases are Juniper Networks Junos OS: 15.1X49 versions...

CVE-2018-0053 vSRX Series: A local authentication vulnerability may lead to full control of a vSRX instance while the system is booting.

An authentication bypass vulnerability in the initial boot sequence of Juniper Networks Junos OS on vSRX Series may allow an attacker to gain full control of the system without authentication when the system is initially booted up. Affected releases are Juniper Networks Junos OS: 15.1X49 versions...

CVE-2018-0025 Junos OS: SRX Series: Credentials exposed when using HTTP and HTTPS Firewall Pass-through User Authentication

When an SRX Series device is configured to use HTTP/HTTPS pass-through authentication services, a client sending authentication credentials in the initial HTTP/HTTPS session is at risk that these credentials may be captured during follow-on HTTP/HTTPS requests by a malicious actor through a...

Design/Logic Flaw

Receipt of a specially crafted Connectionless Network Protocol CLNP datagram destined to an interface of a Junos OS device may result in a kernel crash or lead to remote code execution. Devices are only vulnerable to the specially crafted CLNP datagram if 'clns-routing' or ES-IS is explicitly...

CVE-2018-0017 SRX Series: Denial of service vulnerability in flowd daemon on devices configured with NAT-PT

A vulnerability in the Network Address Translation - Protocol Translation NAT-PT feature of Junos OS on SRX series devices may allow a certain valid IPv6 packet to crash the flowd daemon. Repeated crashes of the flowd daemon can result in an extended denial of service condition for the SRX device...

CVE-2018-0009

On Juniper Networks SRX series devices, firewall rules configured to match custom application UUIDs starting with zeros can match all TCP traffic. Due to this issue, traffic that should have been blocked by other rules is permitted to flow through the device resulting in a firewall bypass...

CVE-2018-0001

A remote, unauthenticated attacker may be able to execute code by exploiting a use-after-free defect found in older versions of PHP through injection of crafted data via specific PHP URLs within the context of the J-Web process. Affected releases are Juniper Networks Junos OS: 12.1X46 versions...

CVE-2017-10621

A denial of service vulnerability in telnetd service on Juniper Networks Junos OS allows remote unauthenticated attackers to cause a denial of service. Affected Junos OS releases are: 12.1X46 prior to 12.1X46-D71; 12.3X48 prior to 12.3X48-D50; 14.1 prior to 14.1R8-S5, 14.1R9; 14.1X53 prior to...