Vulnerabilities > Juniper > Junos > 19.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-15 | CVE-2020-1605 | OS Command Injection vulnerability in Juniper Junos When a device using Juniper Network's Dynamic Host Configuration Protocol Daemon (JDHCPD) process on Junos OS or Junos OS Evolved which is configured in relay mode it vulnerable to an attacker sending crafted IPv4 packets who may then arbitrarily execute commands as root on the target device. | 8.8 |
| 2020-01-15 | CVE-2020-1603 | Memory Leak vulnerability in Juniper Junos Specific IPv6 packets sent by clients processed by the Routing Engine (RE) are improperly handled. | 8.6 |
| 2020-01-15 | CVE-2020-1602 | OS Command Injection vulnerability in Juniper Junos When a device using Juniper Network's Dynamic Host Configuration Protocol Daemon (JDHCPD) process on Junos OS or Junos OS Evolved which is configured in relay mode it vulnerable to an attacker sending crafted IPv4 packets who may remotely take over the code execution of the JDHDCP process. | 8.8 |
| 2020-01-15 | CVE-2020-1600 | Infinite Loop vulnerability in Juniper Junos In a Point-to-Multipoint (P2MP) Label Switched Path (LSP) scenario, an uncontrolled resource consumption vulnerability in the Routing Protocol Daemon (RPD) in Juniper Networks Junos OS allows a specific SNMP request to trigger an infinite loop causing a high CPU usage Denial of Service (DoS) condition. | 6.5 |
| 2019-10-09 | CVE-2019-0068 | Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos The SRX flowd process, responsible for packet forwarding, may crash and restart when processing specific multicast packets. | 7.5 |
| 2019-10-09 | CVE-2019-0063 | Unspecified vulnerability in Juniper Junos When an MX Series Broadband Remote Access Server (BRAS) is configured as a Broadband Network Gateway (BNG) with DHCPv6 enabled, jdhcpd might crash when receiving a specific crafted DHCP response message on a subscriber interface. | 7.5 |
| 2019-10-09 | CVE-2019-0062 | Session Fixation vulnerability in Juniper Junos A session fixation vulnerability in J-Web on Junos OS may allow an attacker to use social engineering techniques to fix and hijack a J-Web administrators web session and potentially gain administrative access to the device. | 8.8 |
| 2019-10-09 | CVE-2019-0051 | Improper Handling of Exceptional Conditions vulnerability in Juniper Junos SSL-Proxy feature on SRX devices fails to handle a hardware resource limitation which can be exploited by remote SSL/TLS servers to crash the flowd daemon. | 7.5 |