Junos@* Security Vulnerabilities and Issues — Junos@* CVE List

Lucene search

JuniperJunos*

7 matches found

CVE•added 2019/10/09 8:15 p.m.•58 views

CVE-2019-0070

An Improper Input Validation weakness allows a malicious local attacker to elevate their permissions to take control of other portions of the NFX platform they should not be able to access, and execute commands outside their authorized scope of control. This leads to the attacker being able to take...

8.8CVSS8.8AI score0.00028EPSS

CVE•added 2019/10/09 8:15 p.m.•50 views

CVE-2019-0057

An improper authorization weakness in Juniper Networks Junos OS allows a local authenticated attacker to bypass regular security controls to access the Junos Device Manager (JDM) application and take control of the system. This issue affects: Juniper Networks Junos OS versions prior to 18.2R1, 18.2...

7.8CVSS7.7AI score0.00039EPSS

CVE•added 2019/04/10 8:29 p.m.•48 views

CVE-2019-0008

A certain sequence of valid BGP or IPv6 BFD packets may trigger a stack based buffer overflow in the Junos OS Packet Forwarding Engine manager (FXPC) process on QFX5000 series, EX4300, EX4600 devices. This issue can result in a crash of the fxpc daemon or may potentially lead to remote code executi...

9.8CVSS10AI score0.04767EPSS

CVE•added 2019/04/10 8:29 p.m.•46 views

CVE-2019-0039

If REST API is enabled, the Junos OS login credentials are vulnerable to brute force attacks. The high default connection limit of the REST API may allow an attacker to brute-force passwords using advanced scripting techniques. Additionally, administrators who do not enforce a strong password polic...

8.1CVSS6.5AI score0.00288EPSS

CVE•added 2019/04/10 8:29 p.m.•45 views

CVE-2019-0033

A firewall bypass vulnerability in the proxy ARP service of Juniper Networks Junos OS allows an attacker to cause a high CPU condition leading to a Denial of Service (DoS). This issue affects only IPv4. Affected releases are Juniper Networks Junos OS: 12.1X46 versions above and including 12.1X46-D2...

7.5CVSS7.4AI score0.00494EPSS

CVE•added 2019/04/10 8:29 p.m.•41 views

CVE-2019-0031

Specific IPv6 DHCP packets received by the jdhcpd daemon will cause a memory resource consumption issue to occur on a Junos OS device using the jdhcpd daemon configured to respond to IPv6 requests. Once started, memory consumption will eventually impact any IPv4 or IPv6 request serviced by the jdhc...

7.5CVSS7.6AI score0.00519EPSS

CVE•added 2019/04/10 8:29 p.m.•40 views

CVE-2019-0036

When configuring a stateless firewall filter in Junos OS, terms named using the format "internal-n" (e.g. "internal-1", "internal-2", etc.) are silently ignored. No warning is issued during configuration, and the config is committed without error, but the filter criteria will match all packets lead...

9.8CVSS8.3AI score0.00255EPSS