Vulnerabilities > Juniper > Junos > 19.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-22 | CVE-2021-0214 | Improper Input Validation vulnerability in Juniper Junos 17.3/17.4/18.1 A vulnerability in the distributed or centralized periodic packet management daemon (PPMD) of Juniper Networks Junos OS may cause receipt of a malformed packet to crash and restart the PPMD process, leading to network destabilization, service interruption, and a Denial of Service (DoS) condition. | 3.3 |
| 2021-01-15 | CVE-2021-0223 | Improper Privilege Management vulnerability in Juniper Junos A local privilege escalation vulnerability in telnetd.real of Juniper Networks Junos OS may allow a locally authenticated shell user to escalate privileges and execute arbitrary commands as root. | 7.2 |
| 2021-01-15 | CVE-2021-0221 | Infinite Loop vulnerability in Juniper Junos 17.3/17.4/18.1 In an EVPN/VXLAN scenario, if an IRB interface with a virtual gateway address (VGA) is configured on a PE, a traffic loop may occur upon receipt of specific IP multicast traffic. | 2.9 |
| 2021-01-15 | CVE-2021-0219 | OS Command Injection vulnerability in Juniper Junos A command injection vulnerability in install package validation subsystem of Juniper Networks Junos OS that may allow a locally authenticated attacker with privileges to execute commands with root privilege. | 7.2 |
| 2021-01-15 | CVE-2021-0218 | OS Command Injection vulnerability in Juniper Junos A command injection vulnerability in the license-check daemon of Juniper Networks Junos OS that may allow a locally authenticated attacker with low privileges to execute commands with root privilege. | 7.2 |
| 2021-01-15 | CVE-2021-0217 | Allocation of Resources Without Limits or Throttling vulnerability in Juniper Junos A vulnerability in processing of certain DHCP packets from adjacent clients on EX Series and QFX Series switches running Juniper Networks Junos OS with DHCP local/relay server configured may lead to exhaustion of DMA memory causing a Denial of Service (DoS). | 3.3 |
| 2021-01-15 | CVE-2021-0215 | Memory Leak vulnerability in Juniper Junos On Juniper Networks Junos EX series, QFX Series, MX Series and SRX branch series devices, a memory leak occurs every time the 802.1X authenticator port interface flaps which can lead to other processes, such as the pfex process, responsible for packet forwarding, to crash and restart. | 2.9 |
| 2021-01-15 | CVE-2021-0211 | Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos 17.3/17.4/18.1 An improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS Evolved Routing Protocol Daemon (RPD) service allows an attacker to send a valid BGP FlowSpec message thereby causing an unexpected change in the route advertisements within the BGP FlowSpec domain leading to disruptions in network traffic causing a Denial of Service (DoS) condition. | 6.4 |
| 2021-01-15 | CVE-2021-0210 | Information Exposure vulnerability in Juniper Junos An Information Exposure vulnerability in J-Web of Juniper Networks Junos OS allows an unauthenticated attacker to elevate their privileges over the target system through opportunistic use of an authenticated users session. | 5.0 |
| 2021-01-15 | CVE-2021-0208 | Improper Input Validation vulnerability in Juniper Junos 15.1X49/17.3/17.4 An improper input validation vulnerability in the Routing Protocol Daemon (RPD) service of Juniper Networks Junos OS allows an attacker to send a malformed RSVP packet when bidirectional LSPs are in use, which when received by an egress router crashes the RPD causing a Denial of Service (DoS) condition. | 3.3 |