Vulnerabilities > Juniper > Junos

DATE CVE VULNERABILITY TITLE RISK
2020-04-08 CVE-2020-1630 Unspecified vulnerability in Juniper Junos
A privilege escalation vulnerability in Juniper Networks Junos OS devices configured with dual Routing Engines (RE), Virtual Chassis (VC) or high-availability cluster may allow a local authenticated low-privileged user with access to the shell to perform unauthorized configuration modification.
local
low complexity
juniper
5.5
2020-04-08 CVE-2020-1629 Race Condition vulnerability in Juniper Junos
A race condition vulnerability on Juniper Network Junos OS devices may cause the routing protocol daemon (RPD) process to crash and restart while processing a BGP NOTIFICATION message.
network
high complexity
juniper CWE-362
5.9
2020-04-08 CVE-2020-1628 Unspecified vulnerability in Juniper Junos
Juniper Networks Junos OS uses the 128.0.0.0/2 subnet for internal communications between the RE and PFEs.
network
low complexity
juniper
5.3
2020-04-08 CVE-2020-1627 Unspecified vulnerability in Juniper Junos
A vulnerability in Juniper Networks Junos OS on vMX and MX150 devices may allow an attacker to cause a Denial of Service (DoS) by sending specific packets requiring special processing in microcode that the flow cache can't handle, causing the riot forwarding daemon to crash.
network
low complexity
juniper
7.5
2020-04-08 CVE-2020-1625 Memory Leak vulnerability in Juniper Junos
The kernel memory usage represented as "temp" via 'show system virtual-memory' may constantly increase when Integrated Routing and Bridging (IRB) is configured with multiple underlay physical interfaces, and one interface flaps.
low complexity
juniper CWE-401
6.5
2020-04-08 CVE-2020-1619 Unspecified vulnerability in Juniper Junos
A privilege escalation vulnerability in Juniper Networks QFX10K Series, EX9200 Series, MX Series, and PTX Series with Next-Generation Routing Engine (NG-RE), allows a local authenticated high privileged user to access the underlying WRL host.
local
low complexity
juniper
6.7
2020-04-08 CVE-2020-1618 Improper Authentication vulnerability in Juniper Junos
On Juniper Networks EX and QFX Series, an authentication bypass vulnerability may allow a user connected to the console port to login as root without any password.
low complexity
juniper CWE-287
6.8
2020-04-08 CVE-2020-1617 Improper Initialization vulnerability in Juniper Junos
This issue occurs on Juniper Networks Junos OS devices which do not support Advanced Forwarding Interface (AFI) / Advanced Forwarding Toolkit (AFT).
network
low complexity
juniper CWE-665
7.5
2020-04-08 CVE-2020-1615 Use of Hard-coded Credentials vulnerability in Juniper Junos
The factory configuration for vMX installations, as shipped, includes default credentials for the root account.
network
low complexity
juniper CWE-798
critical
9.8
2020-04-08 CVE-2020-1614 Use of Hard-coded Credentials vulnerability in Juniper Junos
A Use of Hard-coded Credentials vulnerability exists in the NFX250 Series for the vSRX Virtual Network Function (VNF) instance, which allows an attacker to take control of the vSRX VNF instance if they have the ability to access an administrative service (e.g.
network
low complexity
juniper CWE-798
critical
10.0