Vulnerabilities > Juniper > Junos > 20.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-04-22 | CVE-2021-0255 | Improper Privilege Management vulnerability in Juniper Junos 17.3/17.4/18.1 A local privilege escalation vulnerability in ethtraceroute of Juniper Networks Junos OS may allow a locally authenticated user with shell access to escalate privileges and write to the local filesystem as root. | 7.2 |
2021-04-22 | CVE-2021-0254 | Out-of-bounds Write vulnerability in Juniper Junos A buffer size validation vulnerability in the overlayd service of Juniper Networks Junos OS may allow an unauthenticated remote attacker to send specially crafted packets to the device, triggering a partial Denial of Service (DoS) condition, or leading to remote code execution (RCE). | 7.5 |
2021-04-22 | CVE-2021-0245 | Use of Hard-coded Credentials vulnerability in Juniper Junos 16.1/17.1/17.2 A Use of Hard-coded Credentials vulnerability in Juniper Networks Junos OS on Junos Fusion satellite devices allows an attacker who is local to the device to elevate their privileges and take control of the device. | 7.2 |
2021-04-22 | CVE-2021-0243 | Unspecified vulnerability in Juniper Junos 17.3/17.4/18.1 Improper Handling of Unexpected Data in the firewall policer of Juniper Networks Junos OS on EX4300 switches allows matching traffic to exceed set policer limits, possibly leading to a limited Denial of Service (DoS) condition. low complexity juniper | 3.3 |
2021-04-22 | CVE-2021-0242 | Allocation of Resources Without Limits or Throttling vulnerability in Juniper Junos A vulnerability due to the improper handling of direct memory access (DMA) buffers on EX4300 switches on Juniper Networks Junos OS allows an attacker sending specific unicast frames to trigger a Denial of Service (DoS) condition by exhausting DMA buffers, causing the FPC to crash and the device to restart. | 6.1 |
2021-04-22 | CVE-2021-0241 | Improper Handling of Exceptional Conditions vulnerability in Juniper Junos On Juniper Networks Junos OS platforms configured as DHCPv6 local server or DHCPv6 Relay Agent, Juniper Networks Dynamic Host Configuration Protocol Daemon (JDHCPD) process might crash with a core dump if a specific DHCPv6 packet is received, resulting in a restart of the daemon. | 3.3 |
2021-04-22 | CVE-2021-0240 | Improper Handling of Exceptional Conditions vulnerability in Juniper Junos On Juniper Networks Junos OS platforms configured as DHCPv6 local server or DHCPv6 Relay Agent, the Juniper Networks Dynamic Host Configuration Protocol Daemon (JDHCPD) process might crash if a malformed DHCPv6 packet is received, resulting in a restart of the daemon. | 2.9 |
2021-04-22 | CVE-2021-0238 | Resource Exhaustion vulnerability in Juniper Junos 17.3/18.1/18.2 When a MX Series is configured as a Broadband Network Gateway (BNG) based on Layer 2 Tunneling Protocol (L2TP), executing certain CLI command may cause the system to run out of disk space, excessive disk usage may cause other complications. | 2.1 |
2021-04-22 | CVE-2021-0237 | Unspecified vulnerability in Juniper Junos 15.1/17.3 On Juniper Networks EX4300-MP Series, EX4600 Series, EX4650 Series, QFX5K Series deployed as a Virtual Chassis with a specific Layer 2 circuit configuration, Packet Forwarding Engine manager (FXPC) process may crash and restart upon receipt of specific layer 2 frames. low complexity juniper | 3.3 |
2021-04-22 | CVE-2021-0236 | Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos Due to an improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS Evolved the Routing Protocol Daemon (RPD) service, upon receipt of a specific matching BGP packet meeting a specific term in the flowspec configuration, crashes and restarts causing a Denial of Service (DoS). | 6.8 |