Junos Security Vulnerabilities and Issues — Page 2 of Junos CVE List

Lucene search

JuniperJunos

58 matches found

CVE•added 2019/01/15 9:29 p.m.•42 views

CVE-2019-0014

On QFX and PTX Series, receipt of a malformed packet for J-Flow sampling might crash the FPC (Flexible PIC Concentrator) process which causes all interfaces to go down. By continuously sending the offending packet, an attacker can repeatedly crash the FPC process causing a sustained Denial of Servi...

7.5CVSS7.5AI score0.00476EPSS

CVE•added 2019/04/10 8:29 p.m.•42 views

CVE-2019-0043

In MPLS environments, receipt of a specific SNMP packet may cause the routing protocol daemon (RPD) process to crash and restart. By continuously sending a specially crafted SNMP packet, an attacker can repetitively crash the RPD process causing prolonged denial of service. No other Juniper Network...

7.5CVSS7.5AI score0.00389EPSS

CVE•added 2019/10/09 8:15 p.m.•42 views

CVE-2019-0067

Receipt of a specific link-local IPv6 packet destined to the RE may cause the system to crash and restart (vmcore). By continuously sending a specially crafted IPv6 packet, an attacker can repeatedly crash the system causing a prolonged Denial of Service (DoS). This issue affects Juniper Networks J...

6.5CVSS6.7AI score0.00076EPSS

CVE•added 2019/04/10 8:29 p.m.•41 views

CVE-2019-0031

Specific IPv6 DHCP packets received by the jdhcpd daemon will cause a memory resource consumption issue to occur on a Junos OS device using the jdhcpd daemon configured to respond to IPv6 requests. Once started, memory consumption will eventually impact any IPv4 or IPv6 request serviced by the jdhc...

7.5CVSS7.6AI score0.00519EPSS

CVE•added 2019/10/09 8:15 p.m.•41 views

CVE-2019-0050

Under certain heavy traffic conditions srxpfe process can crash and result in a denial of service condition for the SRX1500 device. Repeated crashes of the srxpfe can result in an extended denial of service condition. The SRX device may fail to forward traffic when this condition occurs. Affected r...

7.5CVSS7.5AI score0.00389EPSS

CVE•added 2019/01/15 9:29 p.m.•40 views

CVE-2019-0015

A vulnerability in the SRX Series Service Gateway allows deleted dynamic VPN users to establish dynamic VPN connections until the device is rebooted. A deleted dynamic VPN connection should be immediately disallowed from establishing new VPN connections. Due to an error in token caching, deleted us...

5.5CVSS5.5AI score0.00193EPSS

CVE•added 2019/04/10 8:29 p.m.•40 views

CVE-2019-0036

When configuring a stateless firewall filter in Junos OS, terms named using the format "internal-n" (e.g. "internal-1", "internal-2", etc.) are silently ignored. No warning is issued during configuration, and the config is committed without error, but the filter criteria will match all packets lead...

9.8CVSS8.3AI score0.00255EPSS

CVE•added 2019/10/09 8:15 p.m.•40 views

CVE-2019-0047

A persistent Cross-Site Scripting (XSS) vulnerability in Junos OS J-Web interface may allow remote unauthenticated attackers to perform administrative actions on the Junos device. Successful exploitation requires a Junos administrator to first perform certain diagnostic actions on J-Web. This issue...

8.8CVSS7.8AI score0.00646EPSS

Total number of security vulnerabilities58