Junos Security Vulnerabilities and Issues — Junos CVE List

Lucene search

JuniperJunos

7 matches found

CVE•added 2018/04/11 7:29 p.m.•61 views

CVE-2018-0016

Receipt of a specially crafted Connectionless Network Protocol (CLNP) datagram destined to an interface of a Junos OS device may result in a kernel crash or lead to remote code execution. Devices are only vulnerable to the specially crafted CLNP datagram if 'clns-routing' or ES-IS is explicitly con...

9.8CVSS7.9AI score0.15174EPSS

CVE•added 2018/04/11 7:29 p.m.•55 views

CVE-2018-0017

A vulnerability in the Network Address Translation - Protocol Translation (NAT-PT) feature of Junos OS on SRX series devices may allow a certain valid IPv6 packet to crash the flowd daemon. Repeated crashes of the flowd daemon can result in an extended denial of service condition for the SRX device...

7.5CVSS6.9AI score0.0049EPSS

CVE•added 2018/04/11 7:29 p.m.•55 views

CVE-2018-0021

If all 64 digits of the connectivity association name (CKN) key or all 32 digits of the connectivity association key (CAK) key are not configured, all remaining digits will be auto-configured to 0. Hence, Juniper devices configured with short MacSec keys are at risk to an increased likelihood that ...

8.8CVSS8.8AI score0.00169EPSS

CVE•added 2018/04/11 7:29 p.m.•53 views

CVE-2018-0018

On SRX Series devices during compilation of IDP policies, an attacker sending specially crafted packets may be able to bypass firewall rules, leading to information disclosure which an attacker may use to gain control of the target device or other internal devices, systems or services protected by ...

7.5CVSS6.6AI score0.00207EPSS

CVE•added 2018/04/11 7:29 p.m.•53 views

CVE-2018-0019

A vulnerability in Junos OS SNMP MIB-II subagent daemon (mib2d) may allow a remote network based attacker to cause the mib2d process to crash resulting in a denial of service condition (DoS) for the SNMP subsystem. While a mib2d process crash can disrupt the network monitoring via SNMP, it does not...

5.9CVSS5.9AI score0.00337EPSS

CVE•added 2018/04/11 7:29 p.m.•51 views

CVE-2018-0022

A Junos device with VPLS routing-instances configured on one or more interfaces may be susceptible to an mbuf leak when processing a specific MPLS packet. Approximately 1 mbuf is leaked per each packet processed. The number of mbufs is platform dependent. The following command provides the number o...

7.8CVSS7.6AI score0.01351EPSS

CVE•added 2018/04/11 7:29 p.m.•49 views

CVE-2018-0020

Junos OS may be impacted by the receipt of a malformed BGP UPDATE which can lead to a routing process daemon (rpd) crash and restart. Receipt of a repeated malformed BGP UPDATEs can result in an extended denial of service condition for the device. This malformed BGP UPDATE does not propagate to oth...

7.8CVSS7.5AI score0.00353EPSS