Vulnerabilities > Juniper > Junos > 18.1

DATE CVE VULNERABILITY TITLE RISK
2019-01-15 CVE-2019-0005 Allocation of Resources Without Limits or Throttling vulnerability in Juniper Junos
On EX2300, EX3400, EX4600, QFX3K and QFX5K series, firewall filter configuration cannot perform packet matching on any IPv6 extension headers.
network
low complexity
juniper CWE-770
5.3
2019-01-15 CVE-2019-0002 Unspecified vulnerability in Juniper Junos 15.1X53/18.1/18.2
On EX2300 and EX3400 series, stateless firewall filter configuration that uses the action 'policer' in combination with other actions might not take effect.
network
low complexity
juniper
critical
9.8
2018-10-10 CVE-2018-0058 Improper Input Validation vulnerability in Juniper Junos
Receipt of a specially crafted IPv6 exception packet may be able to trigger a kernel crash (vmcore), causing the device to reboot.
network
low complexity
juniper CWE-20
7.5
2018-10-10 CVE-2018-0057 Unspecified vulnerability in Juniper Junos
On MX Series and M120/M320 platforms configured in a Broadband Edge (BBE) environment, subscribers logging in with DHCP Option 50 to request a specific IP address will be assigned the requested IP address, even if there is a static MAC to IP address binding in the access profile.
network
low complexity
juniper
critical
9.6
2018-10-10 CVE-2018-0056 Improper Input Validation vulnerability in Juniper Junos
If a duplicate MAC address is learned by two different interfaces on an MX Series device, the MAC address learning function correctly flaps between the interfaces.
high complexity
juniper CWE-20
5.3
2018-10-10 CVE-2018-0054 Resource Exhaustion vulnerability in Juniper Junos
On QFX5000 Series and EX4600 switches, a high rate of Ethernet pause frames or an ARP packet storm received on the management interface (fxp0) can cause egress interface congestion, resulting in routing protocol packet drops, such as BGP, leading to peering flaps.
low complexity
juniper CWE-400
6.5
2018-10-10 CVE-2018-0049 NULL Pointer Dereference vulnerability in Juniper Junos
A NULL Pointer Dereference vulnerability in Juniper Networks Junos OS allows an attacker to cause the Junos OS kernel to crash.
network
low complexity
juniper CWE-476
7.5
2018-10-10 CVE-2018-0048 Resource Exhaustion vulnerability in Juniper Junos
A vulnerability in the Routing Protocols Daemon (RPD) with Juniper Extension Toolkit (JET) support can allow a network based unauthenticated attacker to cause a severe memory exhaustion condition on the device.
network
low complexity
juniper CWE-400
7.5
2018-10-10 CVE-2018-0045 Improper Input Validation vulnerability in Juniper Junos
Receipt of a specific Draft-Rosen MVPN control packet may cause the routing protocol daemon (RPD) process to crash and restart or may lead to remote code execution.
low complexity
juniper CWE-20
8.8
2018-08-18 CVE-2018-15505 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2.
network
low complexity
embedthis juniper CWE-476
7.5