Vulnerabilities > Juniper > Junos > 18.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-16 | CVE-2020-1685 | Information Exposure Through Discrepancy vulnerability in Juniper Junos When configuring stateless firewall filters in Juniper Networks EX4600 and QFX 5000 Series devices using Virtual Extensible LAN protocol (VXLAN), the discard action will fail to discard traffic under certain conditions. | 5.0 |
| 2020-10-16 | CVE-2020-1684 | Unspecified vulnerability in Juniper Junos On Juniper Networks SRX Series configured with application identification inspection enabled, receipt of specific HTTP traffic can cause high CPU load utilization, which could lead to traffic interruption. network juniper | 4.3 |
| 2020-10-16 | CVE-2020-1683 | Memory Leak vulnerability in Juniper Junos On Juniper Networks Junos OS devices, a specific SNMP OID poll causes a memory leak which over time leads to a kernel crash (vmcore). | 7.8 |
| 2020-10-16 | CVE-2020-1682 | Improper Input Validation vulnerability in Juniper Junos 15.1X49/17.4 An input validation vulnerability exists in Juniper Networks Junos OS, allowing an attacker to crash the srxpfe process, causing a Denial of Service (DoS) through the use of specific maintenance commands. | 2.1 |
| 2020-10-16 | CVE-2020-1680 | Incorrect Calculation of Buffer Size vulnerability in Juniper Junos 15.1/15.1X53/18.2 On Juniper Networks MX Series with MS-MIC or MS-MPC card configured with NAT64 configuration, receipt of a malformed IPv6 packet may crash the MS-PIC component on MS-MIC or MS-MPC. | 5.0 |
| 2020-10-16 | CVE-2020-1679 | Unspecified vulnerability in Juniper Junos On Juniper Networks PTX and QFX Series devices with packet sampling configured using tunnel-observation mpls-over-udp, sampling of a malformed packet can cause the Kernel Routing Table (KRT) queue to become stuck. network juniper | 4.3 |
| 2020-10-16 | CVE-2020-1673 | Cross-site Scripting vulnerability in Juniper Junos Insufficient Cross-Site Scripting (XSS) protection in Juniper Networks J-Web and web based (HTTP/HTTPS) services allows an unauthenticated attacker to hijack the target user's HTTP/HTTPS session and perform administrative actions on the Junos device as the targeted user. | 7.6 |
| 2020-10-16 | CVE-2020-1672 | Unspecified vulnerability in Juniper Junos On Juniper Networks Junos OS devices configured with DHCPv6 relay enabled, receipt of a specific DHCPv6 packet might crash the jdhcpd daemon. | 5.0 |
| 2020-10-16 | CVE-2020-1671 | Unspecified vulnerability in Juniper Junos 17.4/18.1/18.2 On Juniper Networks Junos OS platforms configured as DHCPv6 local server or DHCPv6 Relay Agent, Juniper Networks Dynamic Host Configuration Protocol Daemon (JDHCPD) process might crash with a core dump if a malformed DHCPv6 packet is received, resulting with the restart of the daemon. | 5.0 |
| 2020-10-16 | CVE-2020-1670 | Unspecified vulnerability in Juniper Junos On Juniper Networks EX4300 Series, receipt of a stream of specific IPv4 packets can cause Routing Engine (RE) high CPU load, which could lead to network protocol operation issue and traffic interruption. low complexity juniper | 3.3 |