Vulnerabilities > Juniper > Junos > 17.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-09 | CVE-2019-0067 | Improper Input Validation vulnerability in Juniper Junos 16.1/16.2/17.1 Receipt of a specific link-local IPv6 packet destined to the RE may cause the system to crash and restart (vmcore). | 6.1 |
| 2019-10-09 | CVE-2019-0066 | Unspecified vulnerability in Juniper Junos An unexpected status return value weakness in the Next-Generation Multicast VPN (NG-mVPN) service of Juniper Networks Junos OS allows attacker to cause a Denial of Service (DoS) condition and core the routing protocol daemon (rpd) process when a specific malformed IPv4 packet is received by the device running BGP. | 5.0 |
| 2019-10-09 | CVE-2019-0065 | Improper Input Validation vulnerability in Juniper Junos On MX Series, when the SIP ALG is enabled, receipt of a certain malformed SIP packet may crash the MS-PIC component on MS-MIC or MS-MPC. | 4.3 |
| 2019-10-09 | CVE-2019-0063 | Improper Input Validation vulnerability in Juniper Junos When an MX Series Broadband Remote Access Server (BRAS) is configured as a Broadband Network Gateway (BNG) with DHCPv6 enabled, jdhcpd might crash when receiving a specific crafted DHCP response message on a subscriber interface. | 4.3 |
| 2019-10-09 | CVE-2019-0062 | Session Fixation vulnerability in Juniper Junos A session fixation vulnerability in J-Web on Junos OS may allow an attacker to use social engineering techniques to fix and hijack a J-Web administrators web session and potentially gain administrative access to the device. | 6.8 |
| 2019-10-09 | CVE-2019-0061 | Unspecified vulnerability in Juniper Junos 15.1X49/15.1X53/16.1 The management daemon (MGD) is responsible for all configuration and management operations in Junos OS. | 7.2 |
| 2019-10-09 | CVE-2019-0057 | Unspecified vulnerability in Juniper Junos An improper authorization weakness in Juniper Networks Junos OS allows a local authenticated attacker to bypass regular security controls to access the Junos Device Manager (JDM) application and take control of the system. | 7.2 |
| 2019-10-09 | CVE-2019-0047 | Cross-site Scripting vulnerability in Juniper Junos A persistent Cross-Site Scripting (XSS) vulnerability in Junos OS J-Web interface may allow remote unauthenticated attackers to perform administrative actions on the Junos device. | 4.3 |
| 2019-07-11 | CVE-2019-0053 | Out-of-bounds Write vulnerability in multiple products Insufficient validation of environment variables in the telnet client supplied in Junos OS can lead to stack-based buffer overflows, which can be exploited to bypass veriexec restrictions on Junos OS. | 7.8 |
| 2019-07-11 | CVE-2019-0049 | Unspecified vulnerability in Juniper Junos On Junos devices with the BGP graceful restart helper mode enabled or the BGP graceful restart mechanism enabled, a certain sequence of BGP session restart on a remote peer that has the graceful restart mechanism enabled may cause the local routing protocol daemon (RPD) process to crash and restart. | 5.0 |