Vulnerabilities > Juniper > Junos > 18.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-22 | CVE-2021-0247 | Race Condition vulnerability in Juniper Junos 14.1X53/15.1X53 A Race Condition (Concurrent Execution using Shared Resource with Improper Synchronization) vulnerability in the firewall process (dfwd) of Juniper Networks Junos OS allows an attacker to bypass the firewall rule sets applied to the input loopback filter on any interfaces of a device. | 6.8 |
| 2021-04-22 | CVE-2021-0245 | Use of Hard-coded Credentials vulnerability in Juniper Junos 16.1/17.1/17.2 A Use of Hard-coded Credentials vulnerability in Juniper Networks Junos OS on Junos Fusion satellite devices allows an attacker who is local to the device to elevate their privileges and take control of the device. | 7.2 |
| 2021-04-22 | CVE-2021-0244 | Race Condition vulnerability in Juniper Junos 14.1X53/15.1 A signal handler race condition exists in the Layer 2 Address Learning Daemon (L2ALD) of Juniper Networks Junos OS due to the absence of a specific protection mechanism to avoid a race condition which may allow an attacker to bypass the storm-control feature on devices. | 4.3 |
| 2021-04-22 | CVE-2021-0243 | Unspecified vulnerability in Juniper Junos 17.3/17.4/18.1 Improper Handling of Unexpected Data in the firewall policer of Juniper Networks Junos OS on EX4300 switches allows matching traffic to exceed set policer limits, possibly leading to a limited Denial of Service (DoS) condition. low complexity juniper | 3.3 |
| 2021-04-22 | CVE-2021-0242 | Allocation of Resources Without Limits or Throttling vulnerability in Juniper Junos A vulnerability due to the improper handling of direct memory access (DMA) buffers on EX4300 switches on Juniper Networks Junos OS allows an attacker sending specific unicast frames to trigger a Denial of Service (DoS) condition by exhausting DMA buffers, causing the FPC to crash and the device to restart. | 6.1 |
| 2021-04-22 | CVE-2021-0241 | Improper Handling of Exceptional Conditions vulnerability in Juniper Junos On Juniper Networks Junos OS platforms configured as DHCPv6 local server or DHCPv6 Relay Agent, Juniper Networks Dynamic Host Configuration Protocol Daemon (JDHCPD) process might crash with a core dump if a specific DHCPv6 packet is received, resulting in a restart of the daemon. | 3.3 |
| 2021-04-22 | CVE-2021-0240 | Improper Handling of Exceptional Conditions vulnerability in Juniper Junos On Juniper Networks Junos OS platforms configured as DHCPv6 local server or DHCPv6 Relay Agent, the Juniper Networks Dynamic Host Configuration Protocol Daemon (JDHCPD) process might crash if a malformed DHCPv6 packet is received, resulting in a restart of the daemon. | 2.9 |
| 2021-04-22 | CVE-2021-0238 | Resource Exhaustion vulnerability in Juniper Junos 17.3/18.1/18.2 When a MX Series is configured as a Broadband Network Gateway (BNG) based on Layer 2 Tunneling Protocol (L2TP), executing certain CLI command may cause the system to run out of disk space, excessive disk usage may cause other complications. | 2.1 |
| 2021-04-22 | CVE-2021-0234 | Improper Initialization vulnerability in Juniper Junos 17.3/17.4/18.1 Due to an improper Initialization vulnerability on Juniper Networks Junos OS QFX5100-96S devices with QFX 5e Series image installed, ddos-protection configuration changes will not take effect beyond the default DDoS (Distributed Denial of Service) settings when configured from the CLI. | 5.0 |
| 2021-04-22 | CVE-2021-0229 | Resource Exhaustion vulnerability in Juniper Junos 16.1/16.2/17.1 An uncontrolled resource consumption vulnerability in Message Queue Telemetry Transport (MQTT) server of Juniper Networks Junos OS allows an attacker to cause MQTT server to crash and restart leading to a Denial of Service (DoS) by sending a stream of specific packets. | 5.0 |