Vulnerabilities > Juniper

DATE CVE VULNERABILITY TITLE RISK
2020-10-16 CVE-2020-1689 Resource Exhaustion vulnerability in Juniper Junos
On Juniper Networks EX4300-MP Series, EX4600 Series and QFX5K Series deployed in a Virtual Chassis configuration, receipt of a stream of specific layer 2 frames can cause high CPU load, which could lead to traffic interruption.
low complexity
juniper CWE-400
3.3
2020-10-16 CVE-2020-1688 Missing Encryption of Sensitive Data vulnerability in Juniper Junos 12.3X48/15.1X49/18.2
On Juniper Networks SRX Series and NFX Series, a local authenticated user with access to the shell may obtain the Web API service private key that is used to provide encrypted communication between the Juniper device and the authenticator services.
local
low complexity
juniper CWE-311
2.1
2020-10-16 CVE-2020-1687 Resource Exhaustion vulnerability in Juniper Junos 17.3/17.4/18.1
On Juniper Networks EX4300-MP Series, EX4600 Series and QFX5K Series deployed in (Ethernet VPN) EVPN-(Virtual Extensible LAN) VXLAN configuration, receipt of a stream of specific VXLAN encapsulated layer 2 frames can cause high CPU load, which could lead to network protocol operation issue and traffic interruption.
2.9
2020-10-16 CVE-2020-1686 Unspecified vulnerability in Juniper Junos
On Juniper Networks Junos OS devices, receipt of a malformed IPv6 packet may cause the system to crash and restart (vmcore).
network
low complexity
juniper
7.8
2020-10-16 CVE-2020-1685 Information Exposure Through Discrepancy vulnerability in Juniper Junos
When configuring stateless firewall filters in Juniper Networks EX4600 and QFX 5000 Series devices using Virtual Extensible LAN protocol (VXLAN), the discard action will fail to discard traffic under certain conditions.
network
low complexity
juniper CWE-203
5.0
2020-10-16 CVE-2020-1684 Resource Exhaustion vulnerability in Juniper Junos 12.3X48/15.1X49/18.2
On Juniper Networks SRX Series configured with application identification inspection enabled, receipt of specific HTTP traffic can cause high CPU load utilization, which could lead to traffic interruption.
network
juniper CWE-400
4.3
2020-10-16 CVE-2020-1683 Memory Leak vulnerability in Juniper Junos
On Juniper Networks Junos OS devices, a specific SNMP OID poll causes a memory leak which over time leads to a kernel crash (vmcore).
network
low complexity
juniper CWE-401
7.8
2020-10-16 CVE-2020-1682 Improper Input Validation vulnerability in Juniper Junos 15.1X49/17.4
An input validation vulnerability exists in Juniper Networks Junos OS, allowing an attacker to crash the srxpfe process, causing a Denial of Service (DoS) through the use of specific maintenance commands.
local
low complexity
juniper CWE-20
2.1
2020-10-16 CVE-2020-1681 Improper Handling of Exceptional Conditions vulnerability in Juniper Junos Evolved
Receipt of a specifically malformed NDP packet sent from the local area network (LAN) to a device running Juniper Networks Junos OS Evolved can cause the ndp process to crash, resulting in a Denial of Service (DoS).
low complexity
juniper CWE-755
3.3
2020-10-16 CVE-2020-1680 Incorrect Calculation of Buffer Size vulnerability in Juniper Junos 15.1/15.1X53/18.2
On Juniper Networks MX Series with MS-MIC or MS-MPC card configured with NAT64 configuration, receipt of a malformed IPv6 packet may crash the MS-PIC component on MS-MIC or MS-MPC.
network
low complexity
juniper CWE-131
5.0