Vulnerabilities > Juniper > Junos > 18.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-09 | CVE-2019-0075 | Unspecified vulnerability in Juniper Junos A vulnerability in the srxpfe process on Protocol Independent Multicast (PIM) enabled SRX series devices may lead to crash of the srxpfe process and an FPC reboot while processing (PIM) messages. | 7.5 |
| 2019-10-09 | CVE-2019-0074 | Path Traversal vulnerability in Juniper Junos A path traversal vulnerability in NFX150 Series and QFX10K Series, EX9200 Series, MX Series and PTX Series devices with Next-Generation Routing Engine (NG-RE) allows a local authenticated user to read sensitive system files. | 5.5 |
| 2019-10-09 | CVE-2019-0073 | Improper Preservation of Permissions vulnerability in Juniper Junos The PKI keys exported using the command "run request security pki key-pair export" on Junos OS may have insecure file permissions. | 7.1 |
| 2019-10-09 | CVE-2019-0071 | Improper Validation of Integrity Check Value vulnerability in Juniper Junos 18.1/18.3 Veriexec is a kernel-based file integrity subsystem in Junos OS that ensures only authorized binaries are able to be executed. | 7.8 |
| 2019-10-09 | CVE-2019-0069 | Cleartext Transmission of Sensitive Information vulnerability in Juniper Junos On EX4600, QFX5100 Series, NFX Series, QFX10K Series, QFX5110, QFX5200 Series, QFX5110, QFX5200, QFX10K Series, vSRX, SRX1500, SRX4000 Series, vSRX, SRX1500, SRX4000, QFX5110, QFX5200, QFX10K Series, when the user uses console management port to authenticate, the credentials used during device authentication are written to a log file in clear text. | 5.5 |
| 2019-10-09 | CVE-2019-0068 | Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos The SRX flowd process, responsible for packet forwarding, may crash and restart when processing specific multicast packets. | 7.5 |
| 2019-10-09 | CVE-2019-0065 | Unspecified vulnerability in Juniper Junos On MX Series, when the SIP ALG is enabled, receipt of a certain malformed SIP packet may crash the MS-PIC component on MS-MIC or MS-MPC. | 7.5 |
| 2019-10-09 | CVE-2019-0063 | Unspecified vulnerability in Juniper Junos When an MX Series Broadband Remote Access Server (BRAS) is configured as a Broadband Network Gateway (BNG) with DHCPv6 enabled, jdhcpd might crash when receiving a specific crafted DHCP response message on a subscriber interface. | 7.5 |
| 2019-10-09 | CVE-2019-0062 | Session Fixation vulnerability in Juniper Junos A session fixation vulnerability in J-Web on Junos OS may allow an attacker to use social engineering techniques to fix and hijack a J-Web administrators web session and potentially gain administrative access to the device. | 8.8 |
| 2019-10-09 | CVE-2019-0061 | Unspecified vulnerability in Juniper Junos The management daemon (MGD) is responsible for all configuration and management operations in Junos OS. | 7.8 |