Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Screenos Security Vulnerabilities

cve
cve

CVE-2013-6958

Juniper NetScreen Firewall running ScreenOS 5.4, 6.2, or 6.3, when the Ping of Death screen is disabled, allows remote attackers to cause a denial of service via a crafted packet.

6.6AI Score

0.01EPSS

2013-12-13 06:07 PM
32
cve
cve

CVE-2013-7313

The OSPF implementation in Juniper Junos through 13.x, JunosE, and ScreenOS through 6.3.x does not consider the possibility of duplicate Link State ID values in Link State Advertisement (LSA) packets before performing operations on the LSA database, which allows remote attackers to cause a denial o...

6.3AI Score

0.003EPSS

2014-01-23 05:55 PM
28
cve
cve

CVE-2014-2842

Juniper ScreenOS 6.3 and earlier allows remote attackers to cause a denial of service (crash and restart or failover) via a malformed SSL/TLS packet.

6.8AI Score

0.013EPSS

2014-04-15 02:55 PM
36
cve
cve

CVE-2014-3813

Unspecified vulnerability in the Juniper Networks NetScreen Firewall products with ScreenOS before 6.3r17, when configured to use the internal DNS lookup client, allows remote attackers to cause a denial of service (crash and reboot) via vectors related to a DNS lookup.

6.7AI Score

0.002EPSS

2014-06-13 02:55 PM
25
cve
cve

CVE-2014-3814

The Juniper Networks NetScreen Firewall devices with ScreenOS before 6.3r17, when configured to use the internal DNS lookup client, allows remote attackers to cause a denial of service (crash and reboot) via a sequence of malformed packets to the device IP.

6.9AI Score

0.003EPSS

2014-06-13 02:55 PM
30
cve
cve

CVE-2015-7750

The L2TP packet processing functionality in Juniper Netscreen and ScreenOS Firewall products with ScreenOS before 6.3.0r13-dnd1, 6.3.0r14 through 6.3.0r18 before 6.3.0r18-dnc1, and 6.3.0r19 allows remote attackers to cause a denial of service via a crafted L2TP packet.

6.8AI Score

0.002EPSS

2015-10-19 06:59 PM
33
cve
cve

CVE-2015-7754

Juniper ScreenOS before 6.3.0r21, when ssh-pka is configured and enabled, allows remote attackers to cause a denial of service (system crash) or execute arbitrary code via crafted SSH negotiation.

8.1CVSS

8.3AI Score

0.052EPSS

2016-01-08 07:59 PM
54
cve
cve

CVE-2015-7755

Juniper ScreenOS 6.2.0r15 through 6.2.0r18, 6.3.0r12 before 6.3.0r12b, 6.3.0r13 before 6.3.0r13b, 6.3.0r14 before 6.3.0r14b, 6.3.0r15 before 6.3.0r15b, 6.3.0r16 before 6.3.0r16b, 6.3.0r17 before 6.3.0r17b, 6.3.0r18 before 6.3.0r18b, 6.3.0r19 before 6.3.0r19b, and 6.3.0r20 before 6.3.0r21 allows rem...

7.9AI Score

0.969EPSS

2015-12-19 02:59 PM
36
2
cve
cve

CVE-2015-7756

The encryption implementation in Juniper ScreenOS 6.2.0r15 through 6.2.0r18, 6.3.0r12 before 6.3.0r12b, 6.3.0r13 before 6.3.0r13b, 6.3.0r14 before 6.3.0r14b, 6.3.0r15 before 6.3.0r15b, 6.3.0r16 before 6.3.0r16b, 6.3.0r17 before 6.3.0r17b, 6.3.0r18 before 6.3.0r18b, 6.3.0r19 before 6.3.0r19b, and 6....

7.9AI Score

0.026EPSS

2015-12-19 02:59 PM
37
cve
cve

CVE-2016-1268

The administrative web services interface in Juniper ScreenOS before 6.3.0r21 allows remote attackers to cause a denial of service (reboot) via a crafted SSL packet.

7.5CVSS

5.8AI Score

0.003EPSS

2016-04-15 02:59 PM
36
cve
cve

CVE-2017-2335

A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a user with the 'security' role to inject HTML/JavaScript content into the management session of other users including the administrator. This enables the lo...

8.4CVSS

5.5AI Score

0.001EPSS

2017-07-17 01:18 PM
33
cve
cve

CVE-2017-2336

A reflected cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a network based attacker to inject HTML/JavaScript content into the management session of other users including the administrator. This enables the attacker t...

9.6CVSS

5.5AI Score

0.001EPSS

2017-07-17 01:18 PM
34
cve
cve

CVE-2017-2337

A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a user with the 'security' role to inject HTML/JavaScript content into the management session of other users including the administrator. This enables the lo...

8.4CVSS

5.5AI Score

0.001EPSS

2017-07-17 01:18 PM
32
cve
cve

CVE-2017-2338

A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a user with the 'security' role to inject HTML/JavaScript content into the management session of other users including the administrator. This enables the lo...

8.4CVSS

5.5AI Score

0.001EPSS

2017-07-17 01:18 PM
35
cve
cve

CVE-2017-2339

A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a user with the 'security' role to inject HTML/JavaScript content into the management session of other users including the administrator. This enables the lo...

8.4CVSS

5.5AI Score

0.001EPSS

2017-07-17 01:18 PM
41
cve
cve

CVE-2018-0014

Juniper Networks ScreenOS devices do not pad Ethernet packets with zeros, and thus some packets can contain fragments of system memory or data from previous packets. This issue is often detected as CVE-2003-0001. The issue affects all versions of Juniper Networks ScreenOS prior to 6.3.0r25.

6.5CVSS

4.9AI Score

0.026EPSS

2018-01-10 10:29 PM
48