Vulnerabilities > Juniper > Junos > 19.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-16 | CVE-2020-1673 | Cross-site Scripting vulnerability in Juniper Junos Insufficient Cross-Site Scripting (XSS) protection in Juniper Networks J-Web and web based (HTTP/HTTPS) services allows an unauthenticated attacker to hijack the target user's HTTP/HTTPS session and perform administrative actions on the Junos device as the targeted user. | 7.6 |
| 2020-10-16 | CVE-2020-1672 | Unspecified vulnerability in Juniper Junos On Juniper Networks Junos OS devices configured with DHCPv6 relay enabled, receipt of a specific DHCPv6 packet might crash the jdhcpd daemon. | 5.0 |
| 2020-10-16 | CVE-2020-1671 | Unspecified vulnerability in Juniper Junos 17.4/18.1/18.2 On Juniper Networks Junos OS platforms configured as DHCPv6 local server or DHCPv6 Relay Agent, Juniper Networks Dynamic Host Configuration Protocol Daemon (JDHCPD) process might crash with a core dump if a malformed DHCPv6 packet is received, resulting with the restart of the daemon. | 5.0 |
| 2020-10-16 | CVE-2020-1670 | Unspecified vulnerability in Juniper Junos On Juniper Networks EX4300 Series, receipt of a stream of specific IPv4 packets can cause Routing Engine (RE) high CPU load, which could lead to network protocol operation issue and traffic interruption. low complexity juniper | 3.3 |
| 2020-10-16 | CVE-2020-1668 | Unspecified vulnerability in Juniper Junos On Juniper Networks EX2300 Series, receipt of a stream of specific multicast packets by the layer2 interface can cause high CPU load, which could lead to traffic interruption. low complexity juniper | 3.3 |
| 2020-10-16 | CVE-2020-1667 | Race Condition vulnerability in Juniper Junos When DNS filtering is enabled on Juniper Networks Junos MX Series with one of the following cards MS-PIC, MS-MIC or MS-MPC, an incoming stream of packets processed by the Multiservices PIC Management Daemon (mspmand) process might be bypassed due to a race condition. | 4.0 |
| 2020-10-16 | CVE-2020-1664 | Out-of-bounds Write vulnerability in Juniper Junos A stack buffer overflow vulnerability in the device control daemon (DCD) on Juniper Networks Junos OS allows a low privilege local user to create a Denial of Service (DoS) against the daemon or execute arbitrary code in the system with root privilege. | 7.2 |
| 2020-10-16 | CVE-2020-1662 | Unspecified vulnerability in Juniper Junos On Juniper Networks Junos OS and Junos OS Evolved devices, BGP session flapping can lead to a routing process daemon (RPD) crash and restart, limiting the attack surface to configured BGP peers. network juniper | 4.3 |
| 2020-10-16 | CVE-2020-1660 | Unspecified vulnerability in Juniper Junos When DNS filtering is enabled on Juniper Networks Junos MX Series with one of the following cards MS-PIC, MS-MIC or MS-MPC, an incoming stream of packets processed by the Multiservices PIC Management Daemon (mspmand) process, responsible for managing "URL Filtering service", may crash, causing the Services PIC to restart. network juniper | 6.8 |
| 2020-10-16 | CVE-2020-1657 | Unspecified vulnerability in Juniper Junos On SRX Series devices, a vulnerability in the key-management-daemon (kmd) daemon of Juniper Networks Junos OS allows an attacker to spoof packets targeted to IPSec peers before a security association (SA) is established thereby causing a failure to set up the IPSec channel. | 5.0 |