Vulnerabilities > Juniper > Junos > 14.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-17 | CVE-2017-2344 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Juniper Junos A routine within an internal Junos OS sockets library is vulnerable to a buffer overflow. | 7.8 |
| 2017-07-17 | CVE-2017-2314 | Improper Input Validation vulnerability in Juniper Junos Receipt of a malformed BGP OPEN message may cause the routing protocol daemon (rpd) process to crash and restart. | 7.5 |
| 2017-07-17 | CVE-2017-10602 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Juniper Junos A buffer overflow vulnerability in Junos OS CLI may allow a local authenticated user with read only privileges and access to Junos CLI, to execute code with root privileges. | 7.8 |
| 2017-07-17 | CVE-2017-10601 | Improper Authentication vulnerability in Juniper Junos A specific device configuration can result in a commit failure condition. | 9.8 |
| 2017-05-30 | CVE-2017-2303 | Unspecified vulnerability in Juniper Junos On Juniper Networks products or platforms running Junos OS 12.1X46 prior to 12.1X46-D50, 12.1X47 prior to 12.1X47-D40, 12.3 prior to 12.3R13, 12.3X48 prior to 12.3X48-D30, 13.2X51 prior to 13.2X51-D40, 13.3 prior to 13.3R10, 14.1 prior to 14.1R8, 14.1X53 prior to 14.1X53-D35, 14.1X55 prior to 14.1X55-D35, 14.2 prior to 14.2R5, 15.1 prior to 15.1F6 or 15.1R3, 15.1X49 prior to 15.1X49-D30 or 15.1X49-D40, 15.1X53 prior to 15.1X53-D35, and where RIP is enabled, certain RIP advertisements received by the router may cause the RPD daemon to crash resulting in a denial of service condition. | 7.5 |
| 2017-05-30 | CVE-2017-2301 | Unspecified vulnerability in Juniper Junos On Juniper Networks products or platforms running Junos OS 11.4 prior to 11.4R13-S3, 12.1X46 prior to 12.1X46-D60, 12.3 prior to 12.3R12-S2 or 12.3R13, 12.3X48 prior to 12.3X48-D40, 13.2X51 prior to 13.2X51-D40, 13.3 prior to 13.3R10, 14.1 prior to 14.1R8, 14.1X53 prior to 14.1X53-D12 or 14.1X53-D35, 14.1X55 prior to 14.1X55-D35, 14.2 prior to 14.2R7, 15.1 prior to 15.1F6 or 15.1R3, 15.1X49 prior to 15.1X49-D60, 15.1X53 prior to 15.1X53-D30 and DHCPv6 enabled, when a crafted DHCPv6 packet is received from a subscriber, jdhcpd daemon crashes and restarts. | 7.5 |
| 2017-04-24 | CVE-2017-2315 | Missing Release of Resource after Effective Lifetime vulnerability in Juniper Junos On Juniper Networks EX Series Ethernet Switches running affected Junos OS versions, a vulnerability in IPv6 processing has been discovered that may allow a specially crafted IPv6 Neighbor Discovery (ND) packet destined to an EX Series Ethernet Switch to cause a slow memory leak. | 7.5 |
| 2017-04-24 | CVE-2017-2312 | Missing Release of Resource after Effective Lifetime vulnerability in Juniper Junos On Juniper Networks devices running Junos OS affected versions and with LDP enabled, a specific LDP packet destined to the RE (Routing Engine) will consume a small amount of the memory allocated for the rpd (routing protocol daemon) process. | 6.5 |
| 2016-09-09 | CVE-2016-1280 | Improper Validation of Certificate with Host Mismatch vulnerability in Juniper Junos PKId in Juniper Junos OS before 12.1X44-D52, 12.1X46 before 12.1X46-D37, 12.1X47 before 12.1X47-D30, 12.3 before 12.3R12, 12.3X48 before 12.3X48-D20, 13.3 before 13.3R10, 14.1 before 14.1R8, 14.1X53 before 14.1X53-D40, 14.2 before 14.2R7, 15.1 before 15.1R4, 15.1X49 before 15.1X49-D20, 15.1X53 before 15.1X53-D60, and 16.1 before 16.1R1 allow remote attackers to bypass an intended certificate validation mechanism via a self-signed certificate with an Issuer name that matches a valid CA certificate enrolled in Junos. | 6.5 |
| 2016-09-09 | CVE-2016-1279 | Information Exposure vulnerability in Juniper Junos J-Web in Juniper Junos OS before 12.1X46-D45, 12.1X46-D50, 12.1X47 before 12.1X47-D35, 12.3 before 12.3R12, 12.3X48 before 12.3X48-D25, 13.3 before 13.3R10, 13.3R9 before 13.3R9-S1, 14.1 before 14.1R7, 14.1X53 before 14.1X53-D35, 14.2 before 14.2R6, 15.1 before 15.1A2 or 15.1F4, 15.1X49 before 15.1X49-D30, and 15.1R before 15.1R3 might allow remote attackers to obtain sensitive information and consequently gain administrative privileges via unspecified vectors. | 9.8 |