Vulnerabilities > Juniper > Junos OS Evolved > 19.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-19 | CVE-2021-31350 | Improper Privilege Management vulnerability in Juniper Junos and Junos OS Evolved An Improper Privilege Management vulnerability in the gRPC framework, used by the Juniper Extension Toolkit (JET) API on Juniper Networks Junos OS and Junos OS Evolved, allows a network-based, low-privileged authenticated attacker to perform operations as root, leading to complete compromise of the targeted system. | 8.8 |
| 2021-10-19 | CVE-2021-31357 | OS Command Injection vulnerability in Juniper Junos OS Evolved A command injection vulnerability in tcpdump command processing on Juniper Networks Junos OS Evolved allows an attacker with authenticated CLI access to be able to bypass configured access protections to execute arbitrary shell commands within the context of the current user. | 7.8 |
| 2021-04-22 | CVE-2021-0264 | Improper Handling of Exceptional Conditions vulnerability in Juniper Junos and Junos OS Evolved A vulnerability in the processing of traffic matching a firewall filter containing a syslog action in Juniper Networks Junos OS on MX Series with MPC10/MPC11 cards installed, PTX10003 and PTX10008 Series devices, will cause the line card to crash and restart, creating a Denial of Service (DoS). | 7.5 |
| 2021-04-22 | CVE-2021-0225 | Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos OS Evolved An Improper Check for Unusual or Exceptional Conditions in Juniper Networks Junos OS Evolved may cause the stateless firewall filter configuration which uses the action 'policer' in certain combinations with other options to not take effect. | 5.8 |
| 2020-07-17 | CVE-2020-1644 | Improper Input Validation vulnerability in Juniper Junos On Juniper Networks Junos OS and Junos OS Evolved devices, the receipt of a specific BGP UPDATE packet causes an internal counter to be incremented incorrectly, which over time can lead to the routing protocols process (RPD) crash and restart. | 7.5 |
| 2020-04-08 | CVE-2020-1624 | Information Exposure Through Log Files vulnerability in Juniper Junos OS Evolved 18.3/19.1 A local, authenticated user with shell can obtain the hashed values of login passwords and shared secrets via raw objmon configuration files. | 5.5 |
| 2020-04-08 | CVE-2020-1623 | Information Exposure Through Log Files vulnerability in Juniper Junos OS Evolved 18.3/19.1/19.2 A local, authenticated user with shell can view sensitive configuration information via the ev.ops configuration file. | 5.5 |
| 2020-04-08 | CVE-2020-1622 | Information Exposure Through Log Files vulnerability in Juniper Junos OS Evolved 18.3/19.1 A local, authenticated user with shell can obtain the hashed values of login passwords and shared secrets via the EvoSharedObjStore. | 5.5 |
| 2020-04-08 | CVE-2020-1621 | Information Exposure Through Log Files vulnerability in Juniper Junos OS Evolved A local, authenticated user with shell can obtain the hashed values of login passwords via configd traces. | 5.5 |
| 2020-04-08 | CVE-2020-1620 | Information Exposure Through Log Files vulnerability in Juniper Junos OS Evolved A local, authenticated user with shell can obtain the hashed values of login passwords via configd streamer log. | 5.5 |