Vulnerabilities > Juniper > Junos

DATE CVE VULNERABILITY TITLE RISK
2019-10-09 CVE-2019-0060 Improper Handling of Exceptional Conditions vulnerability in Juniper Junos 15.1X49/18.2/18.4
The flowd process, responsible for forwarding traffic in SRX Series services gateways, may crash and restart when processing specific transit IP packets through an IPSec tunnel.
network
low complexity
juniper CWE-755
7.5
2019-10-09 CVE-2019-0059 Memory Leak vulnerability in Juniper Junos 18.1/18.1X75
A memory leak vulnerability in the of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) to the device by sending specific commands from a peered BGP host and having those BGP states delivered to the vulnerable device.
network
low complexity
juniper CWE-401
7.5
2019-10-09 CVE-2019-0058 Unspecified vulnerability in Juniper Junos 12.3X48
A vulnerability in the Veriexec subsystem of Juniper Networks Junos OS allowing an attacker to fully compromise the host system.
local
low complexity
juniper
7.8
2019-10-09 CVE-2019-0057 Unspecified vulnerability in Juniper Junos
An improper authorization weakness in Juniper Networks Junos OS allows a local authenticated attacker to bypass regular security controls to access the Junos Device Manager (JDM) application and take control of the system.
local
low complexity
juniper
7.8
2019-10-09 CVE-2019-0056 Unspecified vulnerability in Juniper Junos
This issue only affects devices with three (3) or more MPC10's installed in a single chassis with OSPF enabled and configured on the device.
network
low complexity
juniper
7.5
2019-10-09 CVE-2019-0055 Unspecified vulnerability in Juniper Junos
A vulnerability in the SIP ALG packet processing service of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) to the device by sending specific types of valid SIP traffic to the device.
network
low complexity
juniper
7.5
2019-10-09 CVE-2019-0054 Improper Certificate Validation vulnerability in Juniper Junos 15.1X49
An Improper Certificate Validation weakness in the SRX Series Application Identification (app-id) signature update client of Juniper Networks Junos OS allows an attacker to perform Man-in-the-Middle (MitM) attacks which may compromise the integrity and confidentiality of the device.
network
high complexity
juniper CWE-295
7.4
2019-10-09 CVE-2019-0051 Improper Handling of Exceptional Conditions vulnerability in Juniper Junos
SSL-Proxy feature on SRX devices fails to handle a hardware resource limitation which can be exploited by remote SSL/TLS servers to crash the flowd daemon.
network
low complexity
juniper CWE-755
7.5
2019-10-09 CVE-2019-0050 Unspecified vulnerability in Juniper Junos
Under certain heavy traffic conditions srxpfe process can crash and result in a denial of service condition for the SRX1500 device.
network
low complexity
juniper
7.5
2019-10-09 CVE-2019-0047 Cross-site Scripting vulnerability in Juniper Junos
A persistent Cross-Site Scripting (XSS) vulnerability in Junos OS J-Web interface may allow remote unauthenticated attackers to perform administrative actions on the Junos device.
network
low complexity
juniper CWE-79
8.8