Vulnerabilities > Juniper > Junos > 15.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-11 | CVE-2018-0029 | Resource Exhaustion vulnerability in Juniper Junos While experiencing a broadcast storm, placing the fxp0 interface into promiscuous mode via the 'monitor traffic interface fxp0' can cause the system to crash and restart (vmcore). | 6.5 |
| 2018-07-11 | CVE-2018-0026 | Unspecified vulnerability in Juniper Junos 15.1/15.1X8 After Junos OS device reboot or upgrade, the stateless firewall filter configuration may not take effect. | 7.5 |
| 2018-04-11 | CVE-2018-0022 | Resource Exhaustion vulnerability in Juniper Junos A Junos device with VPLS routing-instances configured on one or more interfaces may be susceptible to an mbuf leak when processing a specific MPLS packet. | 7.5 |
| 2018-04-11 | CVE-2018-0021 | Unspecified vulnerability in Juniper Junos If all 64 digits of the connectivity association name (CKN) key or all 32 digits of the connectivity association key (CAK) key are not configured, all remaining digits will be auto-configured to 0. low complexity juniper | 8.8 |
| 2018-04-11 | CVE-2018-0020 | Improper Input Validation vulnerability in Juniper Junos Junos OS may be impacted by the receipt of a malformed BGP UPDATE which can lead to a routing process daemon (rpd) crash and restart. | 7.5 |
| 2018-04-11 | CVE-2018-0019 | Improper Input Validation vulnerability in Juniper Junos A vulnerability in Junos OS SNMP MIB-II subagent daemon (mib2d) may allow a remote network based attacker to cause the mib2d process to crash resulting in a denial of service condition (DoS) for the SNMP subsystem. | 5.9 |
| 2018-04-11 | CVE-2018-0016 | Unspecified vulnerability in Juniper Junos Receipt of a specially crafted Connectionless Network Protocol (CLNP) datagram destined to an interface of a Junos OS device may result in a kernel crash or lead to remote code execution. | 7.5 |
| 2018-01-10 | CVE-2018-0008 | Improper Authentication vulnerability in Juniper Junos An unauthenticated root login may allow upon reboot when a commit script is used. | 6.2 |
| 2018-01-10 | CVE-2018-0007 | Command Injection vulnerability in Juniper Junos An unauthenticated network-based attacker able to send a maliciously crafted LLDP packet to the local segment, through a local segment broadcast, may be able to cause a Junos device to enter an improper boundary check condition allowing a memory corruption to occur, leading to a denial of service. | 9.8 |
| 2018-01-10 | CVE-2018-0006 | Allocation of Resources Without Limits or Throttling vulnerability in Juniper Junos A high rate of VLAN authentication attempts sent from an adjacent host on the local broadcast domain can trigger high memory utilization by the BBE subscriber management daemon (bbe-smgd), and lead to a denial of service condition. | 5.3 |