Vulnerabilities > Juniper > Junos > 14.1x53
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-22 | CVE-2021-0247 | Race Condition vulnerability in Juniper Junos 14.1X53/15.1X53 A Race Condition (Concurrent Execution using Shared Resource with Improper Synchronization) vulnerability in the firewall process (dfwd) of Juniper Networks Junos OS allows an attacker to bypass the firewall rule sets applied to the input loopback filter on any interfaces of a device. | 6.8 |
| 2021-04-22 | CVE-2021-0244 | Race Condition vulnerability in Juniper Junos 14.1X53/15.1 A signal handler race condition exists in the Layer 2 Address Learning Daemon (L2ALD) of Juniper Networks Junos OS due to the absence of a specific protection mechanism to avoid a race condition which may allow an attacker to bypass the storm-control feature on devices. | 4.3 |
| 2021-01-15 | CVE-2021-0222 | Unspecified vulnerability in Juniper Junos 14.1X53/15.1 A vulnerability in Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) to the device by sending certain crafted protocol packets from an adjacent device with invalid payloads to the device. low complexity juniper | 6.1 |
| 2021-01-15 | CVE-2021-0215 | Memory Leak vulnerability in Juniper Junos On Juniper Networks Junos EX series, QFX Series, MX Series and SRX branch series devices, a memory leak occurs every time the 802.1X authenticator port interface flaps which can lead to other processes, such as the pfex process, responsible for packet forwarding, to crash and restart. | 2.9 |
| 2020-10-16 | CVE-2020-1661 | Unspecified vulnerability in Juniper Junos 12.3/15.1 On Juniper Networks Junos OS devices configured as a DHCP forwarder, the Juniper Networks Dynamic Host Configuration Protocol Daemon (jdhcp) process might crash when receiving a malformed DHCP packet. network juniper | 4.3 |
| 2020-10-16 | CVE-2020-1656 | Improper Input Validation vulnerability in Juniper Junos The DHCPv6 Relay-Agent service, part of the Juniper Enhanced jdhcpd daemon shipped with Juniper Networks Junos OS has an Improper Input Validation vulnerability which will result in a Denial of Service (DoS) condition when a DHCPv6 client sends a specific DHPCv6 message allowing an attacker to potentially perform a Remote Code Execution (RCE) attack on the target device. | 5.8 |
| 2020-07-17 | CVE-2020-1643 | Improper Handling of Exceptional Conditions vulnerability in Juniper Junos 12.3X48/14.1X53/15.1 Execution of the "show ospf interface extensive" or "show ospf interface detail" CLI commands on a Juniper Networks device running Junos OS may cause the routing protocols process (RPD) to crash and restart if OSPF interface authentication is configured, leading to a Denial of Service (DoS). | 1.9 |
| 2020-05-04 | CVE-2020-1631 | Path Traversal vulnerability in Juniper Junos A vulnerability in the HTTP/HTTPS service used by J-Web, Web Authentication, Dynamic-VPN (DVPN), Firewall Authentication Pass-Through with Web-Redirect, and Zero Touch Provisioning (ZTP) allows an unauthenticated attacker to perform local file inclusion (LFI) or path traversal. | 9.8 |
| 2020-04-08 | CVE-2020-1639 | Improper Handling of Exceptional Conditions vulnerability in Juniper Junos When an attacker sends a specific crafted Ethernet Operation, Administration, and Maintenance (Ethernet OAM) packet to a target device, it may improperly handle the incoming malformed data and fail to sanitize this incoming data resulting in an overflow condition. | 7.5 |
| 2020-04-08 | CVE-2020-1630 | Unspecified vulnerability in Juniper Junos A privilege escalation vulnerability in Juniper Networks Junos OS devices configured with dual Routing Engines (RE), Virtual Chassis (VC) or high-availability cluster may allow a local authenticated low-privileged user with access to the shell to perform unauthorized configuration modification. | 2.1 |