Vulnerabilities > Juniper > Junos > 12.3x48
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-09 | CVE-2019-0070 | Improper Input Validation vulnerability in Juniper Junos An Improper Input Validation weakness allows a malicious local attacker to elevate their permissions to take control of other portions of the NFX platform they should not be able to access, and execute commands outside their authorized scope of control. | 8.8 |
| 2019-10-09 | CVE-2019-0068 | Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos The SRX flowd process, responsible for packet forwarding, may crash and restart when processing specific multicast packets. | 7.5 |
| 2019-10-09 | CVE-2019-0062 | Session Fixation vulnerability in Juniper Junos A session fixation vulnerability in J-Web on Junos OS may allow an attacker to use social engineering techniques to fix and hijack a J-Web administrators web session and potentially gain administrative access to the device. | 8.8 |
| 2019-10-09 | CVE-2019-0058 | Unspecified vulnerability in Juniper Junos 12.3X48 A vulnerability in the Veriexec subsystem of Juniper Networks Junos OS allowing an attacker to fully compromise the host system. | 7.8 |
| 2019-10-09 | CVE-2019-0057 | Unspecified vulnerability in Juniper Junos An improper authorization weakness in Juniper Networks Junos OS allows a local authenticated attacker to bypass regular security controls to access the Junos Device Manager (JDM) application and take control of the system. | 7.8 |
| 2019-10-09 | CVE-2019-0055 | Unspecified vulnerability in Juniper Junos A vulnerability in the SIP ALG packet processing service of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) to the device by sending specific types of valid SIP traffic to the device. | 7.5 |
| 2019-10-09 | CVE-2019-0051 | Improper Handling of Exceptional Conditions vulnerability in Juniper Junos SSL-Proxy feature on SRX devices fails to handle a hardware resource limitation which can be exploited by remote SSL/TLS servers to crash the flowd daemon. | 7.5 |
| 2019-10-09 | CVE-2019-0047 | Cross-site Scripting vulnerability in Juniper Junos A persistent Cross-Site Scripting (XSS) vulnerability in Junos OS J-Web interface may allow remote unauthenticated attackers to perform administrative actions on the Junos device. | 8.8 |
| 2019-07-11 | CVE-2019-0053 | Out-of-bounds Write vulnerability in multiple products Insufficient validation of environment variables in the telnet client supplied in Junos OS can lead to stack-based buffer overflows, which can be exploited to bypass veriexec restrictions on Junos OS. | 7.8 |
| 2019-07-11 | CVE-2019-0052 | Interpretation Conflict vulnerability in Juniper Junos The srxpfe process may crash on SRX Series services gateways when the UTM module processes a specific fragmented HTTP packet. | 7.5 |