Vulnerabilities > Juniper > Junos OS Evolved > 19.4
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-07-15 | CVE-2021-0291 | Information Exposure vulnerability in Juniper Junos 15.1/17.3 An Exposure of System Data vulnerability in Juniper Networks Junos OS and Junos OS Evolved, where a sensitive system-level resource is not being sufficiently protected, allows a network-based unauthenticated attacker to send specific traffic which partially reaches this resource. | 6.4 |
2021-07-15 | CVE-2021-0292 | Resource Exhaustion vulnerability in Juniper Junos OS Evolved 19.4/20.1/20.2 An Uncontrolled Resource Consumption vulnerability in the ARP daemon (arpd) and Network Discovery Protocol (ndp) process of Juniper Networks Junos OS Evolved allows a malicious attacker on the local network to consume memory resources, ultimately resulting in a Denial of Service (DoS) condition. | 3.3 |
2021-04-22 | CVE-2021-0273 | Infinite Loop vulnerability in Juniper Junos 15.1/15.2/16.1 An always-incorrect control flow implementation in the implicit filter terms of Juniper Networks Junos OS and Junos OS Evolved on ACX5800, EX9200 Series, MX10000 Series, MX240, MX480, MX960 devices with affected Trio line cards allows an attacker to exploit an interdependency in the PFE UCODE microcode of the Trio chipset with various line cards to cause packets destined to the devices interfaces to cause a Denial of Service (DoS) condition by looping the packet with an unreachable exit condition ('Infinite Loop'). | 5.0 |
2021-01-15 | CVE-2021-0211 | Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos 17.3/17.4/18.1 An improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS Evolved Routing Protocol Daemon (RPD) service allows an attacker to send a valid BGP FlowSpec message thereby causing an unexpected change in the route advertisements within the BGP FlowSpec domain leading to disruptions in network traffic causing a Denial of Service (DoS) condition. | 6.4 |
2021-01-15 | CVE-2021-0209 | Access of Uninitialized Pointer vulnerability in Juniper Junos OS Evolved 19.4/20.1 In Juniper Networks Junos OS Evolved an attacker sending certain valid BGP update packets may cause Junos OS Evolved to access an uninitialized pointer causing RPD to core leading to a Denial of Service (DoS). | 5.7 |
2021-01-15 | CVE-2021-0208 | Improper Input Validation vulnerability in Juniper Junos 15.1X49/17.3/17.4 An improper input validation vulnerability in the Routing Protocol Daemon (RPD) service of Juniper Networks Junos OS allows an attacker to send a malformed RSVP packet when bidirectional LSPs are in use, which when received by an egress router crashes the RPD causing a Denial of Service (DoS) condition. | 3.3 |
2020-10-16 | CVE-2020-1681 | Reachable Assertion vulnerability in Juniper Junos OS Evolved Receipt of a specifically malformed NDP packet sent from the local area network (LAN) to a device running Juniper Networks Junos OS Evolved can cause the ndp process to crash, resulting in a Denial of Service (DoS). | 6.5 |
2020-10-16 | CVE-2020-1678 | Memory Leak vulnerability in Juniper Junos and Junos OS Evolved On Juniper Networks Junos OS and Junos OS Evolved platforms with EVPN configured, receipt of specific BGP packets causes a slow memory leak. | 2.9 |
2020-10-16 | CVE-2020-1666 | Insufficient Session Expiration vulnerability in Juniper Junos OS Evolved The system console configuration option 'log-out-on-disconnect' In Juniper Networks Junos OS Evolved fails to log out an active CLI session when the console cable is disconnected. | 7.2 |
2020-07-17 | CVE-2020-1648 | Unspecified vulnerability in Juniper Junos and Junos OS Evolved On Juniper Networks Junos OS and Junos OS Evolved devices, processing a specific BGP packet can lead to a routing process daemon (RPD) crash and restart. | 5.0 |