Vulnerabilities > Juniper > Junos > 17.4

DATE CVE VULNERABILITY TITLE RISK
2019-04-10 CVE-2019-0037 Unspecified vulnerability in Juniper Junos
In a Dynamic Host Configuration Protocol version 6 (DHCPv6) environment, the jdhcpd daemon may crash and restart upon receipt of certain DHCPv6 solicit messages received from a DHCPv6 client.
network
low complexity
juniper
7.5
2019-04-10 CVE-2019-0036 Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos
When configuring a stateless firewall filter in Junos OS, terms named using the format "internal-n" (e.g.
network
low complexity
juniper CWE-754
critical
9.8
2019-04-10 CVE-2019-0035 Insufficiently Protected Credentials vulnerability in Juniper Junos
When "set system ports console insecure" is enabled, root login is disallowed for Junos OS as expected.
low complexity
juniper CWE-522
6.8
2019-04-10 CVE-2019-0031 Allocation of Resources Without Limits or Throttling vulnerability in Juniper Junos 17.4/18.1/18.1R
Specific IPv6 DHCP packets received by the jdhcpd daemon will cause a memory resource consumption issue to occur on a Junos OS device using the jdhcpd daemon configured to respond to IPv6 requests.
network
low complexity
juniper CWE-770
7.5
2019-04-10 CVE-2019-0028 Unspecified vulnerability in Juniper Junos
On Junos devices with the BGP graceful restart helper mode enabled or the BGP graceful restart mechanism enabled, a BGP session restart on a remote peer that has the graceful restart mechanism enabled may cause the local routing protocol daemon (RPD) process to crash and restart.
network
low complexity
juniper
7.5
2019-04-10 CVE-2019-0019 Unspecified vulnerability in Juniper Junos
When BGP tracing is enabled an incoming BGP message may cause the Junos OS routing protocol daemon (rpd) process to crash and restart.
network
low complexity
juniper
7.5
2019-04-10 CVE-2019-0008 Out-of-bounds Write vulnerability in Juniper Junos
A certain sequence of valid BGP or IPv6 BFD packets may trigger a stack based buffer overflow in the Junos OS Packet Forwarding Engine manager (FXPC) process on QFX5000 series, EX4300, EX4600 devices.
network
low complexity
juniper CWE-787
critical
9.8
2019-01-15 CVE-2019-0015 Insufficient Session Expiration vulnerability in Juniper Junos
A vulnerability in the SRX Series Service Gateway allows deleted dynamic VPN users to establish dynamic VPN connections until the device is rebooted.
network
low complexity
juniper CWE-613
5.4
2019-01-15 CVE-2019-0014 Data Processing Errors vulnerability in Juniper Junos 17.2X75/17.4/18.2
On QFX and PTX Series, receipt of a malformed packet for J-Flow sampling might crash the FPC (Flexible PIC Concentrator) process which causes all interfaces to go down.
network
low complexity
juniper CWE-19
7.5
2019-01-15 CVE-2019-0013 Data Processing Errors vulnerability in Juniper Junos
The routing protocol daemon (RPD) process will crash and restart when a specific invalid IPv4 PIM Join packet is received.
network
low complexity
juniper CWE-19
7.5