Vulnerabilities > Juniper > Junos

DATE CVE VULNERABILITY TITLE RISK
2019-04-10 CVE-2019-0039 Improper Restriction of Excessive Authentication Attempts vulnerability in Juniper Junos
If REST API is enabled, the Junos OS login credentials are vulnerable to brute force attacks.
network
high complexity
juniper CWE-307
8.1
2019-04-10 CVE-2019-0038 Allocation of Resources Without Limits or Throttling vulnerability in Juniper Junos
Crafted packets destined to the management interface (fxp0) of an SRX340 or SRX345 services gateway may create a denial of service (DoS) condition due to buffer space exhaustion.
low complexity
juniper CWE-770
6.5
2019-04-10 CVE-2019-0037 Unspecified vulnerability in Juniper Junos
In a Dynamic Host Configuration Protocol version 6 (DHCPv6) environment, the jdhcpd daemon may crash and restart upon receipt of certain DHCPv6 solicit messages received from a DHCPv6 client.
network
low complexity
juniper
7.5
2019-04-10 CVE-2019-0036 Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos
When configuring a stateless firewall filter in Junos OS, terms named using the format "internal-n" (e.g.
network
low complexity
juniper CWE-754
critical
9.8
2019-04-10 CVE-2019-0035 Insufficiently Protected Credentials vulnerability in Juniper Junos
When "set system ports console insecure" is enabled, root login is disallowed for Junos OS as expected.
low complexity
juniper CWE-522
6.8
2019-04-10 CVE-2019-0033 Resource Exhaustion vulnerability in Juniper Junos
A firewall bypass vulnerability in the proxy ARP service of Juniper Networks Junos OS allows an attacker to cause a high CPU condition leading to a Denial of Service (DoS).
network
low complexity
juniper CWE-400
7.5
2019-04-10 CVE-2019-0031 Allocation of Resources Without Limits or Throttling vulnerability in Juniper Junos 17.4/18.1/18.1R
Specific IPv6 DHCP packets received by the jdhcpd daemon will cause a memory resource consumption issue to occur on a Junos OS device using the jdhcpd daemon configured to respond to IPv6 requests.
network
low complexity
juniper CWE-770
7.5
2019-04-10 CVE-2019-0028 Unspecified vulnerability in Juniper Junos
On Junos devices with the BGP graceful restart helper mode enabled or the BGP graceful restart mechanism enabled, a BGP session restart on a remote peer that has the graceful restart mechanism enabled may cause the local routing protocol daemon (RPD) process to crash and restart.
network
low complexity
juniper
7.5
2019-04-10 CVE-2019-0019 Unspecified vulnerability in Juniper Junos
When BGP tracing is enabled an incoming BGP message may cause the Junos OS routing protocol daemon (rpd) process to crash and restart.
network
low complexity
juniper
7.5
2019-04-10 CVE-2019-0008 Out-of-bounds Write vulnerability in Juniper Junos
A certain sequence of valid BGP or IPv6 BFD packets may trigger a stack based buffer overflow in the Junos OS Packet Forwarding Engine manager (FXPC) process on QFX5000 series, EX4300, EX4600 devices.
network
low complexity
juniper CWE-787
critical
9.8