Vulnerabilities > Juniper > Junos OS Evolved > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-07-15 | CVE-2021-0291 | Information Exposure vulnerability in Juniper Junos 15.1/17.3/17.4 An Exposure of System Data vulnerability in Juniper Networks Junos OS and Junos OS Evolved, where a sensitive system-level resource is not being sufficiently protected, allows a network-based unauthenticated attacker to send specific traffic which partially reaches this resource. | 6.5 |
2021-07-15 | CVE-2021-0292 | Resource Exhaustion vulnerability in Juniper Junos OS Evolved 19.4/20.1/20.2 An Uncontrolled Resource Consumption vulnerability in the ARP daemon (arpd) and Network Discovery Protocol (ndp) process of Juniper Networks Junos OS Evolved allows a malicious attacker on the local network to consume memory resources, ultimately resulting in a Denial of Service (DoS) condition. | 6.5 |
2021-04-22 | CVE-2021-0239 | Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos OS Evolved 20.4 In Juniper Networks Junos OS Evolved, receipt of a stream of specific genuine Layer 2 frames may cause the Advanced Forwarding Toolkit (AFT) manager process (Evo-aftmand), responsible for handling Route, Class-of-Service (CoS), Firewall operations within the packet forwarding engine (PFE) to crash and restart, leading to a Denial of Service (DoS) condition. | 6.5 |
2021-04-22 | CVE-2021-0225 | Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos OS Evolved An Improper Check for Unusual or Exceptional Conditions in Juniper Networks Junos OS Evolved may cause the stateless firewall filter configuration which uses the action 'policer' in certain combinations with other options to not take effect. | 5.8 |
2021-01-15 | CVE-2021-0209 | Access of Uninitialized Pointer vulnerability in Juniper Junos OS Evolved 19.4/20.1 In Juniper Networks Junos OS Evolved an attacker sending certain valid BGP update packets may cause Junos OS Evolved to access an uninitialized pointer causing RPD to core leading to a Denial of Service (DoS). | 6.5 |
2020-04-08 | CVE-2020-1624 | Information Exposure Through Log Files vulnerability in Juniper Junos OS Evolved 18.3/19.1 A local, authenticated user with shell can obtain the hashed values of login passwords and shared secrets via raw objmon configuration files. | 5.5 |
2020-04-08 | CVE-2020-1623 | Information Exposure Through Log Files vulnerability in Juniper Junos OS Evolved 18.3/19.1/19.2 A local, authenticated user with shell can view sensitive configuration information via the ev.ops configuration file. | 5.5 |
2020-04-08 | CVE-2020-1622 | Information Exposure Through Log Files vulnerability in Juniper Junos OS Evolved 18.3/19.1 A local, authenticated user with shell can obtain the hashed values of login passwords and shared secrets via the EvoSharedObjStore. | 5.5 |
2020-04-08 | CVE-2020-1621 | Information Exposure Through Log Files vulnerability in Juniper Junos OS Evolved A local, authenticated user with shell can obtain the hashed values of login passwords via configd traces. | 5.5 |
2020-04-08 | CVE-2020-1620 | Information Exposure Through Log Files vulnerability in Juniper Junos OS Evolved A local, authenticated user with shell can obtain the hashed values of login passwords via configd streamer log. | 5.5 |