Vulnerabilities > Juniper > Junos > 20.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-15 | CVE-2021-0278 | Improper Input Validation vulnerability in Juniper Junos An Improper Input Validation vulnerability in J-Web of Juniper Networks Junos OS allows a locally authenticated attacker to escalate their privileges to root over the target device. | 7.2 |
| 2021-07-15 | CVE-2021-0280 | Improper Initialization vulnerability in Juniper Junos Due to an Improper Initialization vulnerability in Juniper Networks Junos OS on PTX platforms and QFX10K Series with Paradise (PE) chipset-based line cards, ddos-protection configuration changes made from the CLI will not take effect as expected beyond the default DDoS (Distributed Denial of Service) settings in the Packet Forwarding Engine (PFE). | 5.0 |
| 2021-07-15 | CVE-2021-0281 | Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos On Juniper Networks Junos OS devices configured with BGP origin validation using Resource Public Key Infrastructure (RPKI) receipt of a specific packet from the RPKI cache server may cause routing process daemon (RPD) to crash and restart, creating a Denial of Service (DoS) condition. | 4.3 |
| 2021-07-15 | CVE-2021-0283 | Classic Buffer Overflow vulnerability in Juniper Junos A buffer overflow vulnerability in the TCP/IP stack of Juniper Networks Junos OS allows an attacker to send specific sequences of packets to the device thereby causing a Denial of Service (DoS). | 7.8 |
| 2021-07-15 | CVE-2021-0285 | Resource Exhaustion vulnerability in Juniper Junos An uncontrolled resource consumption vulnerability in Juniper Networks Junos OS on QFX5000 Series and EX4600 Series switches allows an attacker sending large amounts of legitimate traffic destined to the device to cause Interchassis Control Protocol (ICCP) interruptions, leading to an unstable control connection between the Multi-Chassis Link Aggregation Group (MC-LAG) nodes which can in turn lead to traffic loss. | 5.0 |
| 2021-07-15 | CVE-2021-0287 | Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos and Junos OS Evolved In a Segment Routing ISIS (SR-ISIS)/MPLS environment, on Juniper Networks Junos OS and Junos OS Evolved devices, configured with ISIS Flexible Algorithm for Segment Routing and sensor-based statistics, a flap of a ISIS link in the network, can lead to a routing process daemon (RPD) crash and restart, causing a Denial of Service (DoS). | 5.7 |
| 2021-07-15 | CVE-2021-0288 | Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos A vulnerability in the processing of specific MPLS packets in Juniper Networks Junos OS on MX Series and EX9200 Series devices with Trio-based MPCs (Modular Port Concentrators) may cause FPC to crash and lead to a Denial of Service (DoS) condition. | 3.3 |
| 2021-07-15 | CVE-2021-0289 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Juniper Junos When user-defined ARP Policer is configured and applied on one or more Aggregated Ethernet (AE) interface units, a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability between the Device Control Daemon (DCD) and firewall process (dfwd) daemons of Juniper Networks Junos OS allows an attacker to bypass the user-defined ARP Policer. | 2.9 |
| 2021-07-15 | CVE-2021-0291 | Information Exposure vulnerability in Juniper Junos 15.1/17.3 An Exposure of System Data vulnerability in Juniper Networks Junos OS and Junos OS Evolved, where a sensitive system-level resource is not being sufficiently protected, allows a network-based unauthenticated attacker to send specific traffic which partially reaches this resource. | 6.4 |
| 2021-07-15 | CVE-2021-0293 | Memory Leak vulnerability in Juniper Junos A vulnerability in Juniper Networks Junos OS caused by Missing Release of Memory after Effective Lifetime leads to a memory leak each time the CLI command 'show system connections extensive' is executed. | 2.1 |