Vulnerabilities > Juniper > Junos

DATE CVE VULNERABILITY TITLE RISK
2020-01-15 CVE-2020-1605 OS Command Injection vulnerability in Juniper Junos
When a device using Juniper Network's Dynamic Host Configuration Protocol Daemon (JDHCPD) process on Junos OS or Junos OS Evolved which is configured in relay mode it vulnerable to an attacker sending crafted IPv4 packets who may then arbitrarily execute commands as root on the target device.
low complexity
juniper CWE-78
8.8
2020-01-15 CVE-2020-1604 Unspecified vulnerability in Juniper Junos
On EX4300, EX4600, QFX3500, and QFX5100 Series, a vulnerability in the IP firewall filter component may cause the firewall filter evaluation of certain packets to fail.
network
low complexity
juniper
5.3
2020-01-15 CVE-2020-1603 Memory Leak vulnerability in Juniper Junos
Specific IPv6 packets sent by clients processed by the Routing Engine (RE) are improperly handled.
network
low complexity
juniper CWE-401
8.6
2020-01-15 CVE-2020-1602 OS Command Injection vulnerability in Juniper Junos
When a device using Juniper Network's Dynamic Host Configuration Protocol Daemon (JDHCPD) process on Junos OS or Junos OS Evolved which is configured in relay mode it vulnerable to an attacker sending crafted IPv4 packets who may remotely take over the code execution of the JDHDCP process.
low complexity
juniper CWE-78
8.8
2020-01-15 CVE-2020-1601 Unspecified vulnerability in Juniper Junos
Certain types of malformed Path Computation Element Protocol (PCEP) packets when received and processed by a Juniper Networks Junos OS device serving as a Path Computation Client (PCC) in a PCEP environment using Juniper's path computational element protocol daemon (pccd) process allows an attacker to cause the pccd process to crash and generate a core file thereby causing a Denial of Service (DoS).
network
low complexity
juniper
7.5
2020-01-15 CVE-2020-1600 Infinite Loop vulnerability in Juniper Junos
In a Point-to-Multipoint (P2MP) Label Switched Path (LSP) scenario, an uncontrolled resource consumption vulnerability in the Routing Protocol Daemon (RPD) in Juniper Networks Junos OS allows a specific SNMP request to trigger an infinite loop causing a high CPU usage Denial of Service (DoS) condition.
network
low complexity
juniper CWE-835
6.5
2019-10-09 CVE-2019-0075 Unspecified vulnerability in Juniper Junos
A vulnerability in the srxpfe process on Protocol Independent Multicast (PIM) enabled SRX series devices may lead to crash of the srxpfe process and an FPC reboot while processing (PIM) messages.
network
low complexity
juniper
7.5
2019-10-09 CVE-2019-0074 Path Traversal vulnerability in Juniper Junos
A path traversal vulnerability in NFX150 Series and QFX10K Series, EX9200 Series, MX Series and PTX Series devices with Next-Generation Routing Engine (NG-RE) allows a local authenticated user to read sensitive system files.
local
low complexity
juniper CWE-22
5.5
2019-10-09 CVE-2019-0073 Improper Preservation of Permissions vulnerability in Juniper Junos
The PKI keys exported using the command "run request security pki key-pair export" on Junos OS may have insecure file permissions.
local
low complexity
juniper CWE-281
7.1
2019-10-09 CVE-2019-0071 Improper Validation of Integrity Check Value vulnerability in Juniper Junos 18.1/18.3
Veriexec is a kernel-based file integrity subsystem in Junos OS that ensures only authorized binaries are able to be executed.
local
low complexity
juniper CWE-354
7.8