Vulnerabilities > Juniper > Junos > 20.4

DATE CVE VULNERABILITY TITLE RISK
2021-10-19 CVE-2021-31354 Out-of-bounds Read vulnerability in Juniper Junos
An Out Of Bounds (OOB) access vulnerability in the handling of responses by a Juniper Agile License (JAL) Client in Juniper Networks Junos OS and Junos OS Evolved, configured in Network Mode (to use Juniper Agile License Manager), may allow an attacker to cause a partial Denial of Service (DoS), or lead to remote code execution (RCE).
5.4
2021-10-19 CVE-2021-31355 Cross-site Scripting vulnerability in Juniper Junos
A persistent cross-site scripting (XSS) vulnerability in the captive portal graphical user interface of Juniper Networks Junos OS may allow a remote authenticated user to inject web script or HTML and steal sensitive data and credentials from a web administration session, possibly tricking a follow-on administrative user into performing administrative actions on the device.
network
juniper CWE-79
3.5
2021-10-19 CVE-2021-31359 Improper Privilege Management vulnerability in Juniper Junos 15.1/17.4/18.3
A local privilege escalation vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged user to cause the Juniper DHCP daemon (jdhcpd) process to crash, resulting in a Denial of Service (DoS), or execute arbitrary commands as root.
local
low complexity
juniper CWE-269
7.8
2021-10-19 CVE-2021-31360 Improper Privilege Management vulnerability in Juniper Junos 15.1/17.4/18.3
An improper privilege management vulnerability in the Juniper Networks Junos OS and Junos OS Evolved command-line interpreter (CLI) allows a low-privileged user to overwrite local files as root, possibly leading to a system integrity issue or Denial of Service (DoS).
local
low complexity
juniper CWE-269
7.1
2021-10-19 CVE-2021-31361 Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos
An Improper Check for Unusual or Exceptional Conditions vulnerability combined with Improper Handling of Exceptional Conditions in Juniper Networks Junos OS on QFX Series and PTX Series allows an unauthenticated network-based attacker to cause increased FPC CPU utilization by sending specific IP packets which are being VXLAN encapsulated, leading to a partial Denial of Service (DoS).
network
low complexity
juniper CWE-754
5.3
2021-10-19 CVE-2021-31362 Unspecified vulnerability in Juniper Junos
A Protection Mechanism Failure vulnerability in RPD (routing protocol daemon) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent unauthenticated attacker to cause established IS-IS adjacencies to go down by sending a spoofed hello PDU, leading to a Denial of Service (DoS) condition.
low complexity
juniper
3.3
2021-10-19 CVE-2021-31364 Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos
An Improper Check for Unusual or Exceptional Conditions vulnerability combined with a Race Condition in the flow daemon (flowd) of Juniper Networks Junos OS on SRX300 Series, SRX500 Series, SRX1500, and SRX5000 Series with SPC2 allows an unauthenticated network based attacker sending specific traffic to cause a crash of the flowd/srxpfe process, responsible for traffic forwarding in SRX, which will cause a Denial of Service (DoS).
network
juniper CWE-754
4.3
2021-10-19 CVE-2021-31365 Resource Exhaustion vulnerability in Juniper Junos
An Uncontrolled Resource Consumption vulnerability in Juniper Networks Junos OS on EX2300, EX3400 and EX4300 Series platforms allows an adjacent attacker sending a stream of layer 2 frames to trigger an Aggregated Ethernet (AE) interface to go down, thereby causing a Denial of Service (DoS).
2.9
2021-10-19 CVE-2021-31366 Unchecked Return Value vulnerability in Juniper Junos
An Unchecked Return Value vulnerability in the authd (authentication daemon) of Juniper Networks Junos OS on MX Series configured for subscriber management / BBE allows an adjacent attacker to cause a crash by sending a specific username.
low complexity
juniper CWE-252
3.3
2021-10-19 CVE-2021-31367 Memory Leak vulnerability in Juniper Junos
A Missing Release of Memory after Effective Lifetime vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on PTX Series allows an adjacent attacker to cause a Denial of Service (DoS) by sending genuine BGP flowspec packets which cause an FPC heap memory leak.
2.9