Vulnerabilities > Juniper > Junos

DATE CVE VULNERABILITY TITLE RISK
2018-04-11 CVE-2018-0017 Improper Input Validation vulnerability in Juniper Junos
A vulnerability in the Network Address Translation - Protocol Translation (NAT-PT) feature of Junos OS on SRX series devices may allow a certain valid IPv6 packet to crash the flowd daemon.
network
low complexity
juniper CWE-20
6.5
2018-04-11 CVE-2018-0016 Unspecified vulnerability in Juniper Junos
Receipt of a specially crafted Connectionless Network Protocol (CLNP) datagram destined to an interface of a Junos OS device may result in a kernel crash or lead to remote code execution.
network
high complexity
juniper
7.5
2018-01-10 CVE-2018-0009 Unspecified vulnerability in Juniper Junos 12.1X46/12.3X48/15.1X49
On Juniper Networks SRX series devices, firewall rules configured to match custom application UUIDs starting with zeros can match all TCP traffic.
network
high complexity
juniper
5.9
2018-01-10 CVE-2018-0008 Improper Authentication vulnerability in Juniper Junos
An unauthenticated root login may allow upon reboot when a commit script is used.
low complexity
juniper CWE-287
6.2
2018-01-10 CVE-2018-0007 Command Injection vulnerability in Juniper Junos
An unauthenticated network-based attacker able to send a maliciously crafted LLDP packet to the local segment, through a local segment broadcast, may be able to cause a Junos device to enter an improper boundary check condition allowing a memory corruption to occur, leading to a denial of service.
network
low complexity
juniper CWE-77
critical
9.8
2018-01-10 CVE-2018-0006 Allocation of Resources Without Limits or Throttling vulnerability in Juniper Junos
A high rate of VLAN authentication attempts sent from an adjacent host on the local broadcast domain can trigger high memory utilization by the BBE subscriber management daemon (bbe-smgd), and lead to a denial of service condition.
high complexity
juniper CWE-770
5.3
2018-01-10 CVE-2018-0005 Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos 14.1X53/15.1/15.1X53
QFX and EX Series switches configured to drop traffic when the MAC move limit is exceeded will forward traffic instead of dropping traffic.
low complexity
juniper CWE-754
8.8
2018-01-10 CVE-2018-0004 Resource Exhaustion vulnerability in Juniper Junos
A sustained sequence of different types of normal transit traffic can trigger a high CPU consumption denial of service condition in the Junos OS register and schedule software interrupt handler subsystem when a specific command is issued to the device.
network
low complexity
juniper CWE-400
6.5
2018-01-10 CVE-2018-0003 Unspecified vulnerability in Juniper Junos
A specially crafted MPLS packet received or processed by the system, on an interface configured with MPLS, will store information in the system memory.
low complexity
juniper
6.5
2018-01-10 CVE-2018-0002 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Juniper Junos
On SRX Series and MX Series devices with a Service PIC with any ALG enabled, a crafted TCP/IP response packet processed through the device results in memory corruption leading to a flowd daemon crash.
network
high complexity
juniper CWE-119
5.9