Lucene search

K
JuniperJunos18.3

190 matches found

CVE
CVE
added 2019/10/09 8:15 p.m.50 views

CVE-2019-0061

The management daemon (MGD) is responsible for all configuration and management operations in Junos OS. The Junos CLI communicates with MGD over an internal unix-domain socket and is granted special permission to open this protected mode socket. Due to a misconfiguration of the internal socket, a l...

7.8CVSS7.6AI score0.00039EPSS
CVE
CVE
added 2019/10/09 8:15 p.m.50 views

CVE-2019-0073

The PKI keys exported using the command "run request security pki key-pair export" on Junos OS may have insecure file permissions. This may allow another user on the Junos OS device with shell access to read them. This issue affects: Juniper Networks Junos OS 15.1X49 versions prior to 15.1X49-D180;...

7.1CVSS6.8AI score0.00033EPSS
CVE
CVE
added 2020/10/16 9:15 p.m.50 views

CVE-2020-1688

On Juniper Networks SRX Series and NFX Series, a local authenticated user with access to the shell may obtain the Web API service private key that is used to provide encrypted communication between the Juniper device and the authenticator services. Exploitation of this vulnerability may allow an at...

6.5CVSS6.4AI score0.00054EPSS
CVE
CVE
added 2022/10/18 3:15 a.m.50 views

CVE-2022-22250

An Improper Control of a Resource Through its Lifetime vulnerability in Packet Forwarding Engine (PFE) of Juniper Networks Junos OS and Junos OS Evolved allows unauthenticated adjacent attacker to cause a Denial of Service (DoS). In an EVPN-MPLS scenario, if MAC is learned locally on an access inte...

6.5CVSS6.6AI score0.00084EPSS
CVE
CVE
added 2021/04/22 8:15 p.m.49 views

CVE-2021-0214

A vulnerability in the distributed or centralized periodic packet management daemon (PPMD) of Juniper Networks Junos OS may cause receipt of a malformed packet to crash and restart the PPMD process, leading to network destabilization, service interruption, and a Denial of Service (DoS) condition. C...

6.5CVSS6.5AI score0.00031EPSS
CVE
CVE
added 2021/04/22 8:15 p.m.49 views

CVE-2021-0216

A vulnerability in Juniper Networks Junos OS running on the ACX5448 and ACX710 platforms may cause BFD sessions to flap when a high rate of transit ARP packets are received. This, in turn, may impact routing protocols and network stability, leading to a Denial of Service (DoS) condition. When a hig...

6.5CVSS6.5AI score0.00081EPSS
CVE
CVE
added 2021/04/22 8:15 p.m.49 views

CVE-2021-0268

An Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') weakness in J-web of Juniper Networks Junos OS leads to buffer overflows, segment faults, or other impacts, which allows an attacker to modify the integrity of the device and exfiltration information from the d...

9.3CVSS8.8AI score0.00268EPSS
CVE
CVE
added 2019/10/09 8:15 p.m.48 views

CVE-2019-0069

On EX4600, QFX5100 Series, NFX Series, QFX10K Series, QFX5110, QFX5200 Series, QFX5110, QFX5200, QFX10K Series, vSRX, SRX1500, SRX4000 Series, vSRX, SRX1500, SRX4000, QFX5110, QFX5200, QFX10K Series, when the user uses console management port to authenticate, the credentials used during device auth...

5.9CVSS5.6AI score0.0002EPSS
CVE
CVE
added 2020/07/17 7:15 p.m.48 views

CVE-2020-1647

On Juniper Networks SRX Series with ICAP (Internet Content Adaptation Protocol) redirect service enabled, a double free vulnerability can lead to a Denial of Service (DoS) or Remote Code Execution (RCE) due to processing of a specific HTTP message. Continued processing of this specific HTTP message...

9.8CVSS9.7AI score0.01994EPSS
CVE
CVE
added 2021/07/15 8:15 p.m.48 views

CVE-2021-0295

A vulnerability in the Distance Vector Multicast Routing Protocol (DVMRP) of Juniper Networks Junos OS on the QFX10K Series switches allows an attacker to trigger a packet forwarding loop, leading to a partial Denial of Service (DoS). The issue is caused by DVMRP packets looping on a multi-homed Et...

6.1CVSS6AI score0.00106EPSS
CVE
CVE
added 2022/01/19 1:15 a.m.48 views

CVE-2022-22160

An Unchecked Error Condition vulnerability in the subscriber management daemon (smgd) of Juniper Networks Junos OS allows an unauthenticated adjacent attacker to cause a crash of and thereby a Denial of Service (DoS). In a subscriber management / broadband edge environment if a single session group...

6.5CVSS6.5AI score0.00195EPSS
CVE
CVE
added 2019/04/10 8:29 p.m.47 views

CVE-2019-0019

When BGP tracing is enabled an incoming BGP message may cause the Junos OS routing protocol daemon (rpd) process to crash and restart. While rpd restarts after a crash, repeated crashes can result in an extended DoS condition. Affected releases are Juniper Networks Junos OS: 16.1 versions prior to ...

7.5CVSS7.5AI score0.00494EPSS
CVE
CVE
added 2019/04/10 8:29 p.m.47 views

CVE-2019-0037

In a Dynamic Host Configuration Protocol version 6 (DHCPv6) environment, the jdhcpd daemon may crash and restart upon receipt of certain DHCPv6 solicit messages received from a DHCPv6 client. By continuously sending the same crafted packet, an attacker can repeatedly crash the jdhcpd process causin...

7.5CVSS7.4AI score0.00226EPSS
CVE
CVE
added 2020/01/15 9:15 a.m.47 views

CVE-2020-1602

When a device using Juniper Network's Dynamic Host Configuration Protocol Daemon (JDHCPD) process on Junos OS or Junos OS Evolved which is configured in relay mode it vulnerable to an attacker sending crafted IPv4 packets who may remotely take over the code execution of the JDHDCP process. This iss...

8.8CVSS7.9AI score0.0024EPSS
CVE
CVE
added 2020/01/15 9:15 a.m.47 views

CVE-2020-1605

When a device using Juniper Network's Dynamic Host Configuration Protocol Daemon (JDHCPD) process on Junos OS or Junos OS Evolved which is configured in relay mode it vulnerable to an attacker sending crafted IPv4 packets who may then arbitrarily execute commands as root on the target device. This ...

8.8CVSS8.7AI score0.00205EPSS
CVE
CVE
added 2020/04/08 8:15 p.m.47 views

CVE-2020-1615

The factory configuration for vMX installations, as shipped, includes default credentials for the root account. Without proper modification of these default credentials by the administrator, an attacker could exploit these credentials and access the vMX instance without authorization. This issue af...

10CVSS9.6AI score0.0047EPSS
CVE
CVE
added 2020/04/08 8:15 p.m.47 views

CVE-2020-1619

A privilege escalation vulnerability in Juniper Networks QFX10K Series, EX9200 Series, MX Series, and PTX Series with Next-Generation Routing Engine (NG-RE), allows a local authenticated high privileged user to access the underlying WRL host. This issue only affects QFX10K Series with NG-RE, EX9200...

6.7CVSS6.1AI score0.00039EPSS
CVE
CVE
added 2021/04/22 8:15 p.m.47 views

CVE-2021-0242

A vulnerability due to the improper handling of direct memory access (DMA) buffers on EX4300 switches on Juniper Networks Junos OS allows an attacker sending specific unicast frames to trigger a Denial of Service (DoS) condition by exhausting DMA buffers, causing the FPC to crash and the device to ...

6.5CVSS6.6AI score0.00076EPSS
CVE
CVE
added 2021/04/22 8:15 p.m.47 views

CVE-2021-0244

A signal handler race condition exists in the Layer 2 Address Learning Daemon (L2ALD) of Juniper Networks Junos OS due to the absence of a specific protection mechanism to avoid a race condition which may allow an attacker to bypass the storm-control feature on devices. This issue is a corner case ...

7.4CVSS7.3AI score0.00207EPSS
CVE
CVE
added 2021/04/22 8:15 p.m.47 views

CVE-2021-0250

In segment routing traffic engineering (SRTE) environments where the BGP Monitoring Protocol (BMP) feature is enable, a vulnerability in the Routing Protocol Daemon (RPD) process of Juniper Networks Junos OS allows an attacker to send a specific crafted BGP update message causing the RPD service to...

7.5CVSS7.4AI score0.00389EPSS
CVE
CVE
added 2021/10/19 7:15 p.m.47 views

CVE-2021-31373

A persistent Cross-Site Scripting (XSS) vulnerability in Juniper Networks Junos OS on SRX Series, J-Web interface may allow a remote authenticated user to inject persistent and malicious scripts. An attacker can exploit this vulnerability to steal sensitive data and credentials from a web administr...

8CVSS5.6AI score0.0028EPSS
CVE
CVE
added 2021/10/19 7:15 p.m.47 views

CVE-2021-31375

An Improper Input Validation vulnerability in routing process daemon (RPD) of Juniper Networks Junos OS devices configured with BGP origin validation using Resource Public Key Infrastructure (RPKI), allows an attacker to send a specific BGP update which may cause RPKI policy-checks to be bypassed. ...

7.2CVSS5.9AI score0.00207EPSS
CVE
CVE
added 2018/08/18 3:29 a.m.46 views

CVE-2018-15504

An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. The server mishandles some HTTP request fields associated with time, which results in a NULL pointer dereference, as demonstrated by If-Modified-Since or If-Unmodified-Since with a month greater than 11.

7.5CVSS7.5AI score0.00416EPSS
CVE
CVE
added 2020/07/17 7:15 p.m.46 views

CVE-2020-1644

On Juniper Networks Junos OS and Junos OS Evolved devices, the receipt of a specific BGP UPDATE packet causes an internal counter to be incremented incorrectly, which over time can lead to the routing protocols process (RPD) crash and restart. This issue affects both IBGP and EBGP multihop deployme...

7.5CVSS7.4AI score0.00389EPSS
CVE
CVE
added 2021/04/22 8:15 p.m.46 views

CVE-2021-0273

An always-incorrect control flow implementation in the implicit filter terms of Juniper Networks Junos OS and Junos OS Evolved on ACX5800, EX9200 Series, MX10000 Series, MX240, MX480, MX960 devices with affected Trio line cards allows an attacker to exploit an interdependency in the PFE UCODE micro...

5.3CVSS5.3AI score0.00268EPSS
CVE
CVE
added 2021/10/19 7:15 p.m.46 views

CVE-2021-31372

An Improper Input Validation vulnerability in J-Web of Juniper Networks Junos OS allows a locally authenticated J-Web attacker to escalate their privileges to root over the target device. This issue affects: Juniper Networks Junos OS All versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R3-S9...

9CVSS8.7AI score0.00521EPSS
CVE
CVE
added 2021/10/19 7:15 p.m.46 views

CVE-2021-31374

On Juniper Networks Junos OS and Junos OS Evolved devices processing a specially crafted BGP UPDATE or KEEPALIVE message can lead to a routing process daemon (RPD) crash and restart, causing a Denial of Service (DoS). Continued receipt and processing of this message will create a sustained Denial o...

7.5CVSS7.5AI score0.00389EPSS
CVE
CVE
added 2020/07/17 7:15 p.m.45 views

CVE-2020-1643

Execution of the "show ospf interface extensive" or "show ospf interface detail" CLI commands on a Juniper Networks device running Junos OS may cause the routing protocols process (RPD) to crash and restart if OSPF interface authentication is configured, leading to a Denial of Service (DoS). By con...

5.5CVSS5.6AI score0.00139EPSS
CVE
CVE
added 2020/07/17 7:15 p.m.45 views

CVE-2020-1649

When a device running Juniper Networks Junos OS with MPC7, MPC8, or MPC9 line cards installed and the system is configured for inline IP reassembly, used by L2TP, MAP-E, GRE, and IPIP, the packet forwarding engine (PFE) will become disabled upon receipt of small fragments requiring reassembly, gene...

7.5CVSS7.5AI score0.00408EPSS
CVE
CVE
added 2021/04/22 8:15 p.m.45 views

CVE-2021-0243

Improper Handling of Unexpected Data in the firewall policer of Juniper Networks Junos OS on EX4300 switches allows matching traffic to exceed set policer limits, possibly leading to a limited Denial of Service (DoS) condition. When the firewall policer discard action fails on a Layer 2 port, it wi...

4.7CVSS4.8AI score0.00078EPSS
CVE
CVE
added 2021/10/19 7:15 p.m.45 views

CVE-2021-31365

An Uncontrolled Resource Consumption vulnerability in Juniper Networks Junos OS on EX2300, EX3400 and EX4300 Series platforms allows an adjacent attacker sending a stream of layer 2 frames will trigger an Aggregated Ethernet (AE) interface to go down and thereby causing a Denial of Service (DoS). B...

6.5CVSS6.3AI score0.00081EPSS
CVE
CVE
added 2020/04/08 8:15 p.m.44 views

CVE-2020-1625

The kernel memory usage represented as "temp" via 'show system virtual-memory' may constantly increase when Integrated Routing and Bridging (IRB) is configured with multiple underlay physical interfaces, and one interface flaps. This memory leak can affect running daemons (processes), leading to an...

6.5CVSS6.3AI score0.00107EPSS
CVE
CVE
added 2020/07/17 7:15 p.m.44 views

CVE-2020-1655

When a device running Juniper Networks Junos OS with MPC7, MPC8, or MPC9 line cards installed and the system is configured for inline IP reassembly, used by L2TP, MAP-E, GRE, and IPIP, the packet forwarding engine (PFE) will become disabled upon receipt of large packets requiring fragmentation, gen...

5.3CVSS5.2AI score0.00328EPSS
CVE
CVE
added 2021/04/22 8:15 p.m.44 views

CVE-2021-0246

On SRX1500, SRX4100, SRX4200, SRX4600, SRX5000 Series with SPC2/SPC3, devices using tenant services on Juniper Networks Junos OS, due to incorrect default permissions assigned to tenant system administrators a tenant system administrator may inadvertently send their network traffic to one or more t...

7.3CVSS7.2AI score0.00038EPSS
CVE
CVE
added 2021/04/22 8:15 p.m.44 views

CVE-2021-0251

A NULL Pointer Dereference vulnerability in the Captive Portal Content Delivery (CPCD) services daemon (cpcd) of Juniper Networks Junos OS on MX Series with MS-PIC, MS-SPC3, MS-MIC or MS-MPC allows an attacker to send malformed HTTP packets to the device thereby causing a Denial of Service (DoS), c...

8.6CVSS8.4AI score0.0039EPSS
CVE
CVE
added 2019/10/09 8:15 p.m.43 views

CVE-2019-0051

SSL-Proxy feature on SRX devices fails to handle a hardware resource limitation which can be exploited by remote SSL/TLS servers to crash the flowd daemon. Repeated crashes of the flowd daemon can result in an extended denial of service condition. For this issue to occur, clients protected by the S...

7.5CVSS6.9AI score0.00236EPSS
CVE
CVE
added 2019/10/09 8:15 p.m.43 views

CVE-2019-0062

A session fixation vulnerability in J-Web on Junos OS may allow an attacker to use social engineering techniques to fix and hijack a J-Web administrators web session and potentially gain administrative access to the device. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R1...

8.8CVSS8.2AI score0.00357EPSS
CVE
CVE
added 2020/01/15 9:15 a.m.43 views

CVE-2020-1600

In a Point-to-Multipoint (P2MP) Label Switched Path (LSP) scenario, an uncontrolled resource consumption vulnerability in the Routing Protocol Daemon (RPD) in Juniper Networks Junos OS allows a specific SNMP request to trigger an infinite loop causing a high CPU usage Denial of Service (DoS) condit...

6.8CVSS6.7AI score0.00222EPSS
CVE
CVE
added 2020/04/08 8:15 p.m.43 views

CVE-2020-1628

Juniper Networks Junos OS uses the 128.0.0.0/2 subnet for internal communications between the RE and PFEs. It was discovered that packets utilizing these IP addresses may egress an EX4300 switch, leaking configuration information such as heartbeats, kernel versions, etc. out to the Internet, leadin...

5.3CVSS5.1AI score0.00382EPSS
CVE
CVE
added 2020/04/08 8:15 p.m.43 views

CVE-2020-1629

A race condition vulnerability on Juniper Network Junos OS devices may cause the routing protocol daemon (RPD) process to crash and restart while processing a BGP NOTIFICATION message. This issue affects Juniper Networks Junos OS: 16.1 versions prior to 16.1R7-S6; 16.2 versions prior to 16.2R2-S11;...

5.9CVSS5.7AI score0.00314EPSS
CVE
CVE
added 2020/10/16 9:15 p.m.43 views

CVE-2020-1685

When configuring stateless firewall filters in Juniper Networks EX4600 and QFX 5000 Series devices using Virtual Extensible LAN protocol (VXLAN), the discard action will fail to discard traffic under certain conditions. Given a firewall filter configuration similar to: family ethernet-switching { f...

5.8CVSS5.7AI score0.00208EPSS
CVE
CVE
added 2021/04/22 8:15 p.m.43 views

CVE-2021-0224

A vulnerability in the handling of internal resources necessary to bring up a large number of Layer 2 broadband remote access subscriber (BRAS) nodes in Juniper Networks Junos OS can cause the Access Node Control Protocol daemon (ANCPD) to crash and restart, leading to a Denial of Service (DoS) con...

6.5CVSS6.4AI score0.00081EPSS
CVE
CVE
added 2021/04/22 8:15 p.m.43 views

CVE-2021-0259

Due to a vulnerability in DDoS protection in Juniper Networks Junos OS and Junos OS Evolved on QFX5K Series switches in a VXLAN configuration, instability might be experienced in the underlay network as a consequence of exceeding the default ddos-protection aggregate threshold. If an attacker on a ...

7.4CVSS7.2AI score0.00107EPSS
CVE
CVE
added 2020/01/15 9:15 a.m.42 views

CVE-2020-1607

Insufficient Cross-Site Scripting (XSS) protection in J-Web may potentially allow a remote attacker to inject web script or HTML, hijack the target user's J-Web session and perform administrative actions on the Junos device as the targeted user. This issue affects Juniper Networks Junos OS 12.3 ver...

7.5CVSS6.3AI score0.00336EPSS
CVE
CVE
added 2020/10/16 9:15 p.m.42 views

CVE-2020-1671

On Juniper Networks Junos OS platforms configured as DHCPv6 local server or DHCPv6 Relay Agent, Juniper Networks Dynamic Host Configuration Protocol Daemon (JDHCPD) process might crash with a core dump if a malformed DHCPv6 packet is received, resulting with the restart of the daemon. This issue on...

7.5CVSS7.5AI score0.00389EPSS
CVE
CVE
added 2020/10/16 9:15 p.m.42 views

CVE-2020-1680

On Juniper Networks MX Series with MS-MIC or MS-MPC card configured with NAT64 configuration, receipt of a malformed IPv6 packet may crash the MS-PIC component on MS-MIC or MS-MPC. This issue occurs when a multiservice card is translating the malformed IPv6 packet to IPv4 packet. An unauthenticated...

5.3CVSS5.2AI score0.00299EPSS
CVE
CVE
added 2021/04/22 8:15 p.m.42 views

CVE-2021-0228

An improper check for unusual or exceptional conditions vulnerability in Juniper Networks MX Series platforms with Trio-based MPC (Modular Port Concentrator) deployed in (Ethernet VPN) EVPN-(Virtual Extensible LAN) VXLAN configuration, may allow an attacker sending specific Layer 2 traffic to cause...

6.5CVSS6.5AI score0.00081EPSS
CVE
CVE
added 2021/04/22 8:15 p.m.42 views

CVE-2021-0230

On Juniper Networks SRX Series devices with link aggregation (lag) configured, executing any operation that fetches Aggregated Ethernet (AE) interface statistics, including but not limited to SNMP GET requests, causes a slow kernel memory leak. If all the available memory is consumed, the traffic w...

7.5CVSS7.6AI score0.00389EPSS
CVE
CVE
added 2023/04/17 10:15 p.m.42 views

CVE-2023-28964

An Improper Handling of Length Parameter Inconsistency vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a network based, unauthenticated attacker to cause an RPD crash leading to a Denial of Service (DoS). Continued receipt and processing o...

7.5CVSS7.5AI score0.00235EPSS
CVE
CVE
added 2019/10/09 8:15 p.m.41 views

CVE-2019-0050

Under certain heavy traffic conditions srxpfe process can crash and result in a denial of service condition for the SRX1500 device. Repeated crashes of the srxpfe can result in an extended denial of service condition. The SRX device may fail to forward traffic when this condition occurs. Affected r...

7.5CVSS7.5AI score0.00389EPSS
Total number of security vulnerabilities190