Vulnerabilities > Juniper > Junos
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-16 | CVE-2020-1680 | Incorrect Calculation of Buffer Size vulnerability in Juniper Junos On Juniper Networks MX Series with MS-MIC or MS-MPC card configured with NAT64 configuration, receipt of a malformed IPv6 packet may crash the MS-PIC component on MS-MIC or MS-MPC. | 5.3 |
| 2020-10-16 | CVE-2020-1679 | Unspecified vulnerability in Juniper Junos On Juniper Networks PTX and QFX Series devices with packet sampling configured using tunnel-observation mpls-over-udp, sampling of a malformed packet can cause the Kernel Routing Table (KRT) queue to become stuck. | 7.5 |
| 2020-10-16 | CVE-2020-1678 | Memory Leak vulnerability in Juniper Junos and Junos OS Evolved On Juniper Networks Junos OS and Junos OS Evolved platforms with EVPN configured, receipt of specific BGP packets causes a slow memory leak. | 6.5 |
| 2020-10-16 | CVE-2020-1673 | Cross-site Scripting vulnerability in Juniper Junos Insufficient Cross-Site Scripting (XSS) protection in Juniper Networks J-Web and web based (HTTP/HTTPS) services allows an unauthenticated attacker to hijack the target user's HTTP/HTTPS session and perform administrative actions on the Junos device as the targeted user. | 8.8 |
| 2020-10-16 | CVE-2020-1672 | Unspecified vulnerability in Juniper Junos On Juniper Networks Junos OS devices configured with DHCPv6 relay enabled, receipt of a specific DHCPv6 packet might crash the jdhcpd daemon. | 7.5 |
| 2020-10-16 | CVE-2020-1671 | Unspecified vulnerability in Juniper Junos On Juniper Networks Junos OS platforms configured as DHCPv6 local server or DHCPv6 Relay Agent, Juniper Networks Dynamic Host Configuration Protocol Daemon (JDHCPD) process might crash with a core dump if a malformed DHCPv6 packet is received, resulting with the restart of the daemon. | 7.5 |
| 2020-10-16 | CVE-2020-1670 | Unspecified vulnerability in Juniper Junos On Juniper Networks EX4300 Series, receipt of a stream of specific IPv4 packets can cause Routing Engine (RE) high CPU load, which could lead to network protocol operation issue and traffic interruption. low complexity juniper | 6.5 |
| 2020-10-16 | CVE-2020-1669 | Insufficiently Protected Credentials vulnerability in Juniper Junos 19.4/20.1 The Juniper Device Manager (JDM) container, used by the disaggregated Junos OS architecture on Juniper Networks NFX350 Series devices, stores password hashes in the world-readable file /etc/passwd. | 6.3 |
| 2020-10-16 | CVE-2020-1668 | Unspecified vulnerability in Juniper Junos On Juniper Networks EX2300 Series, receipt of a stream of specific multicast packets by the layer2 interface can cause high CPU load, which could lead to traffic interruption. low complexity juniper | 6.5 |
| 2020-10-16 | CVE-2020-1667 | Race Condition vulnerability in Juniper Junos When DNS filtering is enabled on Juniper Networks Junos MX Series with one of the following cards MS-PIC, MS-MIC or MS-MPC, an incoming stream of packets processed by the Multiservices PIC Management Daemon (mspmand) process might be bypassed due to a race condition. | 8.3 |