Vulnerabilities > Juniper > Junos > 11.4x27
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-10-19 | CVE-2021-31369 | Allocation of Resources Without Limits or Throttling vulnerability in Juniper Junos On MX Series platforms with MS-MPC/MS-MIC, an Allocation of Resources Without Limits or Throttling vulnerability in Juniper Networks Junos OS allows an unauthenticated network attacker to cause a partial Denial of Service (DoS) with a high rate of specific traffic. | 4.3 |
2021-10-19 | CVE-2021-31371 | Unspecified vulnerability in Juniper Junos Juniper Networks Junos OS uses the 128.0.0.0/2 subnet for internal communications between the RE and PFEs. | 5.0 |
2021-10-19 | CVE-2021-31372 | Improper Input Validation vulnerability in Juniper Junos An Improper Input Validation vulnerability in J-Web of Juniper Networks Junos OS allows a locally authenticated J-Web attacker to escalate their privileges to root over the target device. | 9.0 |
2021-07-15 | CVE-2021-0289 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Juniper Junos When user-defined ARP Policer is configured and applied on one or more Aggregated Ethernet (AE) interface units, a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability between the Device Control Daemon (DCD) and firewall process (dfwd) daemons of Juniper Networks Junos OS allows an attacker to bypass the user-defined ARP Policer. | 2.9 |
2021-04-22 | CVE-2021-0248 | Use of Hard-coded Credentials vulnerability in Juniper Junos This issue is not applicable to NFX NextGen Software. | 7.5 |
2020-04-08 | CVE-2020-1614 | Use of Hard-coded Credentials vulnerability in Juniper Junos A Use of Hard-coded Credentials vulnerability exists in the NFX250 Series for the vSRX Virtual Network Function (VNF) instance, which allows an attacker to take control of the vSRX VNF instance if they have the ability to access an administrative service (e.g. | 9.3 |
2019-10-09 | CVE-2019-0070 | Improper Input Validation vulnerability in Juniper Junos An Improper Input Validation weakness allows a malicious local attacker to elevate their permissions to take control of other portions of the NFX platform they should not be able to access, and execute commands outside their authorized scope of control. | 7.2 |
2019-10-09 | CVE-2019-0057 | Unspecified vulnerability in Juniper Junos An improper authorization weakness in Juniper Networks Junos OS allows a local authenticated attacker to bypass regular security controls to access the Junos Device Manager (JDM) application and take control of the system. | 7.2 |
2019-04-10 | CVE-2019-0036 | Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos When configuring a stateless firewall filter in Junos OS, terms named using the format "internal-n" (e.g. | 7.5 |
2014-04-14 | CVE-2014-2711 | Cross-Site Scripting vulnerability in Juniper Junos Cross-site scripting (XSS) vulnerability in J-Web in Juniper Junos before 11.4R11, 11.4X27 before 11.4X27.62 (BBE), 12.1 before 12.1R9, 12.1X44 before 12.1X44-D35, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, 12.2 before 12.2R7, 12.3 before 12.3R6, 13.1 before 13.1R4, 13.2 before 13.2R3, and 13.3 before 13.3R1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |