Vulnerabilities > Juniper
|2021-07-15||CVE-2021-0276|| Out-Of-Bounds Write vulnerability in Juniper Steel-Belted Radius Carrier 8.4.1/8.5.0/8.6.0 |
A stack-based Buffer Overflow vulnerability in Juniper Networks SBR Carrier with EAP (Extensible Authentication Protocol) authentication configured, allows an attacker sending specific packets causing the radius daemon to crash resulting with a Denial of Service (DoS) or leading to remote code execution (RCE).
| 6.8 |
|2021-07-15||CVE-2021-0277|| Out-Of-Bounds Read vulnerability in Juniper Junos 12.3/15.1 |
An Out-of-bounds Read vulnerability in the processing of specially crafted LLDP frames by the Layer 2 Control Protocol Daemon (l2cpd) of Juniper Networks Junos OS and Junos OS Evolved may allow an attacker to cause a Denial of Service (DoS), or may lead to remote code execution (RCE).
| 5.8 |
|2021-07-15||CVE-2021-0278|| Improper Input Validation vulnerability in Juniper Junos |
An Improper Input Validation vulnerability in J-Web of Juniper Networks Junos OS allows a locally authenticated attacker to escalate their privileges to root over the target device.
| 7.2 |
|2021-07-15||CVE-2021-0279|| USE of Hard-Coded Credentials vulnerability in Juniper Contrail Cloud |
Juniper Networks Contrail Cloud (CC) releases prior to 13.6.0 have RabbitMQ service enabled by default with hardcoded credentials.
| 5.5 |
|2021-07-15||CVE-2021-0280|| Improper Initialization vulnerability in Juniper Junos |
Due to an Improper Initialization vulnerability in Juniper Networks Junos OS on PTX platforms and QFX10K Series with Paradise (PE) chipset-based line cards, ddos-protection configuration changes made from the CLI will not take effect as expected beyond the default DDoS (Distributed Denial of Service) settings in the Packet Forwarding Engine (PFE).
| 5.0 |
|2021-07-15||CVE-2021-0281|| Improper Check for Unusual OR Exceptional Conditions vulnerability in Juniper Junos |
On Juniper Networks Junos OS devices configured with BGP origin validation using Resource Public Key Infrastructure (RPKI) receipt of a specific packet from the RPKI cache server may cause routing process daemon (RPD) to crash and restart, creating a Denial of Service (DoS) condition.
| 4.3 |
|2021-07-15||CVE-2021-0282|| Improper Check for Unusual OR Exceptional Conditions vulnerability in Juniper Junos 12.3/15.1 |
On Juniper Networks Junos OS devices with Multipath or add-path feature enabled, processing a specific BGP UPDATE can lead to a routing process daemon (RPD) crash and restart, causing a Denial of Service (DoS).
| 7.1 |
|2021-07-15||CVE-2021-0283|| Classic Buffer Overflow vulnerability in Juniper Junos 12.3/15.1/16.1 |
A buffer overflow vulnerability in the TCP/IP stack of Juniper Networks Junos OS allows an attacker to send specific sequences of packets to the device thereby causing a Denial of Service (DoS).
| 7.8 |
|2021-07-15||CVE-2021-0285|| Allocation of Resources Without Limits OR Throttling vulnerability in Juniper Junos 15.1/17.3 |
An uncontrolled resource consumption vulnerability in Juniper Networks Junos OS on QFX5000 Series and EX4600 Series switches allows an attacker sending large amounts of legitimate traffic destined to the device to cause Interchassis Control Protocol (ICCP) interruptions, leading to an unstable control connection between the Multi-Chassis Link Aggregation Group (MC-LAG) nodes which can in turn lead to traffic loss.
| 5.0 |
|2021-07-15||CVE-2021-0286|| Improper Check for Unusual OR Exceptional Conditions vulnerability in Juniper Junos Evolved |
A vulnerability in the handling of exceptional conditions in Juniper Networks Junos OS Evolved (EVO) allows an attacker to send specially crafted packets to the device, causing the Advanced Forwarding Toolkit manager (evo-aftmand-bt or evo-aftmand-zx) process to crash and restart, impacting all traffic going through the FPC, resulting in a Denial of Service (DoS).
| 7.8 |