The vulnerability of the configuration of Juniper Networks’ Modular Port Concentrators for Junos OS operating systems and routers of the MX and EX9200 series allows a hacker to cause service interruptions.

The vulnerability of the configuration of Juniper Networks’ Modular Port Concentrator devices for Junos OS routers of the MX and EX9200 series involves an uncontrolled consumption of resources. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

The vulnerability of JunOS operating systems’ routers, such as SRX1500, SRX4100, SRX4200, SRX4600, and SRX5000 with SPC2, and SRX5000 with SPC2/SPC3, vSRX, is related to privilege management errors. This vulnerability allows attackers to escalate their privileges.

The vulnerability of JunOS operating systems’ routers, such as SRX1500, SRX4100, SRX4200, SRX4600, and SRX5000 with SPC2, SRX5000 with SPC2/SPC3, and vSRX, is related to privilege management errors. Exploiting this vulnerability can allow attackers to increase their privileges...

CVE-2021-0275

A Cross-site Scripting XSS vulnerability in J-Web on Juniper Networks Junos OS allows an attacker to target another user's session thereby gaining access to the users session. The other user session must be active for the attack to succeed. Once successful, the attacker has the same privileges as...

CVE-2021-0245

A Use of Hard-coded Credentials vulnerability in Juniper Networks Junos OS on Junos Fusion satellite devices allows an attacker who is local to the device to elevate their privileges and take control of the device. This issue affects: Juniper Networks Junos OS Junos Fusion Satellite Devices. 16.1...

CVE-2021-0250

In segment routing traffic engineering SRTE environments where the BGP Monitoring Protocol BMP feature is enable, a vulnerability in the Routing Protocol Daemon RPD process of Juniper Networks Junos OS allows an attacker to send a specific crafted BGP update message causing the RPD service to cor...

CVE-2021-0243

Improper Handling of Unexpected Data in the firewall policer of Juniper Networks Junos OS on EX4300 switches allows matching traffic to exceed set policer limits, possibly leading to a limited Denial of Service DoS condition. When the firewall policer discard action fails on a Layer 2 port, it wi...

CVE-2021-0254

A buffer size validation vulnerability in the overlayd service of Juniper Networks Junos OS may allow an unauthenticated remote attacker to send specially crafted packets to the device, triggering a partial Denial of Service DoS condition, or leading to remote code execution RCE. Continued receip...

CVE-2021-0263

A Data Processing vulnerability in the Multi-Service process multi-svcs on the FPC of Juniper Networks Junos OS on the PTX Series routers may lead to the process becoming unresponsive, ultimately affecting traffic forwarding, allowing an attacker to cause a Denial of Service DoS condition . The...

CVE-2021-0261

A vulnerability in the HTTP/HTTPS service used by J-Web, Web Authentication, Dynamic-VPN DVPN, Firewall Authentication Pass-Through with Web-Redirect, and Captive Portal allows an unauthenticated attacker to cause an extended Denial of Service DoS for these services by sending a high number of...

CVE-2021-0266

The use of multiple hard-coded cryptographic keys in cSRX Series software in Juniper Networks Junos OS allows an attacker to take control of any instance of a cSRX deployment through device management services. This issue affects: Juniper Networks Junos OS on cSRX Series: All versions prior to...

CVE-2021-0248

This issue is not applicable to NFX NextGen Software. On NFX Series devices the use of Hard-coded Credentials in Juniper Networks Junos OS allows an attacker to take over any instance of an NFX deployment. This issue is only exploitable through administrative interfaces. This issue affects: Junip...

CVE-2021-0260

An improper authorization vulnerability in the Simple Network Management Protocol daemon snmpd service of Juniper Networks Junos OS leads an unauthenticated attacker being able to perform SNMP read actions, an Exposure of System Data to an Unauthorized Control Sphere, or write actions to OIDs tha...

CVE-2021-0255

A local privilege escalation vulnerability in ethtraceroute of Juniper Networks Junos OS may allow a locally authenticated user with shell access to escalate privileges and write to the local filesystem as root. ethtraceroute is shipped with setuid permissions enabled and is owned by the root use...

CVE-2021-0258

A vulnerability in the forwarding of transit TCPv6 packets received on the Ethernet management interface of Juniper Networks Junos OS allows an attacker to trigger a kernel panic, leading to a Denial of Service DoS. Continued receipt and processing of these transit packets will create a sustained...

CVE-2021-0241

On Juniper Networks Junos OS platforms configured as DHCPv6 local server or DHCPv6 Relay Agent, Juniper Networks Dynamic Host Configuration Protocol Daemon JDHCPD process might crash with a core dump if a specific DHCPv6 packet is received, resulting in a restart of the daemon. The daemon...

CVE-2021-0249

On SRX Series devices configured with UTM services a buffer overflow vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS may allow an attacker to arbitrarily execute code or commands on the target to take over or otherwise impact the device by sending crafted packets to...

CVE-2021-0269

The improper handling of client-side parameters in J-Web of Juniper Networks Junos OS allows an attacker to perform a number of different malicious actions against a target device when a user is authenticated to J-Web. An attacker may be able to supersede existing parameters, including hardcoded...

CVE-2021-0253

NFX Series devices using Juniper Networks Junos OS are susceptible to a local command execution vulnerability thereby allowing an attacker to elevate their privileges via the Junos Device Management Daemon JDMD process. This issue affects Juniper Networks Junos OS on NFX Series 17.2 version 17.2R...

CVE-2021-0227

An improper restriction of operations within the bounds of a memory buffer vulnerability in Juniper Networks Junos OS J-Web on SRX Series devices allows an attacker to cause Denial of Service DoS by sending certain crafted HTTP packets. Continued receipt and processing of these packets will creat...

CVE-2021-0216

A vulnerability in Juniper Networks Junos OS running on the ACX5448 and ACX710 platforms may cause BFD sessions to flap when a high rate of transit ARP packets are received. This, in turn, may impact routing protocols and network stability, leading to a Denial of Service DoS condition. When a hig...