Junos@14.2 Security Vulnerabilities and Issues — Junos@14.2 CVE List

Lucene search

JuniperJunos14.2

9 matches found

CVE•added 2018/01/10 10:29 p.m.•75 views

CVE-2018-0001

A remote, unauthenticated attacker may be able to execute code by exploiting a use-after-free defect found in older versions of PHP through injection of crafted data via specific PHP URLs within the context of the J-Web process. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prio...

9.8CVSS9.8AI score0.05904EPSS

CVE•added 2018/01/10 10:29 p.m.•59 views

CVE-2018-0007

An unauthenticated network-based attacker able to send a maliciously crafted LLDP packet to the local segment, through a local segment broadcast, may be able to cause a Junos device to enter an improper boundary check condition allowing a memory corruption to occur, leading to a denial of service. ...

10CVSS9.7AI score0.00459EPSS

CVE•added 2018/01/10 10:29 p.m.•54 views

CVE-2018-0004

A sustained sequence of different types of normal transit traffic can trigger a high CPU consumption denial of service condition in the Junos OS register and schedule software interrupt handler subsystem when a specific command is issued to the device. This affects one or more threads and conversel...

7.1CVSS6.8AI score0.00288EPSS

CVE•added 2018/04/11 7:29 p.m.•53 views

CVE-2018-0019

A vulnerability in Junos OS SNMP MIB-II subagent daemon (mib2d) may allow a remote network based attacker to cause the mib2d process to crash resulting in a denial of service condition (DoS) for the SNMP subsystem. While a mib2d process crash can disrupt the network monitoring via SNMP, it does not...

5.9CVSS5.9AI score0.00337EPSS

CVE•added 2018/04/11 7:29 p.m.•51 views

CVE-2018-0022

A Junos device with VPLS routing-instances configured on one or more interfaces may be susceptible to an mbuf leak when processing a specific MPLS packet. Approximately 1 mbuf is leaked per each packet processed. The number of mbufs is platform dependent. The following command provides the number o...

7.8CVSS7.6AI score0.01351EPSS

CVE•added 2018/01/10 10:29 p.m.•50 views

CVE-2018-0002

On SRX Series and MX Series devices with a Service PIC with any ALG enabled, a crafted TCP/IP response packet processed through the device results in memory corruption leading to a flowd daemon crash. Sustained crafted response packets lead to repeated crashes of the flowd daemon which results in a...

8.2CVSS6.9AI score0.0184EPSS

CVE•added 2018/01/10 10:29 p.m.•50 views

CVE-2018-0003

A specially crafted MPLS packet received or processed by the system, on an interface configured with MPLS, will store information in the system memory. Subsequently, if this stored information is accessed, this may result in a kernel crash leading to a denial of service. Affected releases are Junip...

6.5CVSS6.4AI score0.00224EPSS

CVE•added 2018/01/10 10:29 p.m.•50 views

CVE-2018-0008

An unauthenticated root login may allow upon reboot when a commit script is used. A commit script allows a device administrator to execute certain instructions during commit, which is configured under the [system scripts commit] stanza. Certain commit scripts that work without a problem during norm...

7.2CVSS6.9AI score0.00293EPSS

CVE•added 2018/10/10 6:29 p.m.•46 views

CVE-2018-0050

An error handling vulnerability in Routing Protocols Daemon (RPD) of Juniper Networks Junos OS allows an attacker to cause RPD to crash. Continued receipt of this malformed MPLS RSVP packet will cause a sustained Denial of Service condition. Affected releases are Juniper Networks Junos OS: 14.1 ver...

7.5CVSS5.9AI score0.00748EPSS