Vulnerabilities > Juniper > Junos
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-10-09 | CVE-2019-0070 | Improper Input Validation vulnerability in Juniper Junos An Improper Input Validation weakness allows a malicious local attacker to elevate their permissions to take control of other portions of the NFX platform they should not be able to access, and execute commands outside their authorized scope of control. | 8.8 |
2019-10-09 | CVE-2019-0069 | Cleartext Transmission of Sensitive Information vulnerability in Juniper Junos On EX4600, QFX5100 Series, NFX Series, QFX10K Series, QFX5110, QFX5200 Series, QFX5110, QFX5200, QFX10K Series, vSRX, SRX1500, SRX4000 Series, vSRX, SRX1500, SRX4000, QFX5110, QFX5200, QFX10K Series, when the user uses console management port to authenticate, the credentials used during device authentication are written to a log file in clear text. | 5.5 |
2019-10-09 | CVE-2019-0068 | Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos The SRX flowd process, responsible for packet forwarding, may crash and restart when processing specific multicast packets. | 7.5 |
2019-10-09 | CVE-2019-0067 | Unspecified vulnerability in Juniper Junos 16.1/16.2/17.1 Receipt of a specific link-local IPv6 packet destined to the RE may cause the system to crash and restart (vmcore). low complexity juniper | 6.5 |
2019-10-09 | CVE-2019-0066 | Unspecified vulnerability in Juniper Junos An unexpected status return value weakness in the Next-Generation Multicast VPN (NG-mVPN) service of Juniper Networks Junos OS allows attacker to cause a Denial of Service (DoS) condition and core the routing protocol daemon (rpd) process when a specific malformed IPv4 packet is received by the device running BGP. | 7.5 |
2019-10-09 | CVE-2019-0065 | Unspecified vulnerability in Juniper Junos On MX Series, when the SIP ALG is enabled, receipt of a certain malformed SIP packet may crash the MS-PIC component on MS-MIC or MS-MPC. | 7.5 |
2019-10-09 | CVE-2019-0064 | Unspecified vulnerability in Juniper Junos 18.2/18.4/19.2 On SRX5000 Series devices, if 'set security zones security-zone <zone> tcp-rst' is configured, the flowd process may crash when a specific TCP packet is received by the device and triggers a new session. | 7.5 |
2019-10-09 | CVE-2019-0063 | Unspecified vulnerability in Juniper Junos When an MX Series Broadband Remote Access Server (BRAS) is configured as a Broadband Network Gateway (BNG) with DHCPv6 enabled, jdhcpd might crash when receiving a specific crafted DHCP response message on a subscriber interface. | 7.5 |
2019-10-09 | CVE-2019-0062 | Session Fixation vulnerability in Juniper Junos A session fixation vulnerability in J-Web on Junos OS may allow an attacker to use social engineering techniques to fix and hijack a J-Web administrators web session and potentially gain administrative access to the device. | 8.8 |
2019-10-09 | CVE-2019-0061 | Unspecified vulnerability in Juniper Junos The management daemon (MGD) is responsible for all configuration and management operations in Junos OS. | 7.8 |