Vulnerabilities > Juniper > Junos
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-17 | CVE-2020-1640 | Improper Input Validation vulnerability in Juniper Junos An improper use of a validation framework when processing incoming genuine BGP packets within Juniper Networks RPD (routing protocols process) daemon allows an attacker to crash RPD thereby causing a Denial of Service (DoS) condition. | 7.5 |
| 2020-05-19 | CVE-2020-7656 | Cross-site Scripting vulnerability in multiple products jquery prior to 1.9.0 allows Cross-site Scripting attacks via the load method. | 6.1 |
| 2020-05-04 | CVE-2020-1631 | Path Traversal vulnerability in Juniper Junos A vulnerability in the HTTP/HTTPS service used by J-Web, Web Authentication, Dynamic-VPN (DVPN), Firewall Authentication Pass-Through with Web-Redirect, and Zero Touch Provisioning (ZTP) allows an unauthenticated attacker to perform local file inclusion (LFI) or path traversal. | 9.8 |
| 2020-04-15 | CVE-2020-1632 | Improper Handling of Exceptional Conditions vulnerability in Juniper Junos In a certain condition, receipt of a specific BGP UPDATE message might cause Juniper Networks Junos OS and Junos OS Evolved devices to advertise an invalid BGP UPDATE message to other peers, causing the other peers to terminate the established BGP session, creating a Denial of Service (DoS) condition. | 8.6 |
| 2020-04-09 | CVE-2020-1633 | Unspecified vulnerability in Juniper Junos Due to a new NDP proxy feature for EVPN leaf nodes introduced in Junos OS 17.4, crafted NDPv6 packets could transit a Junos device configured as a Broadband Network Gateway (BNG) and reach the EVPN leaf node, causing a stale MAC address entry. low complexity juniper | 6.5 |
| 2020-04-08 | CVE-2020-1639 | Improper Handling of Exceptional Conditions vulnerability in Juniper Junos When an attacker sends a specific crafted Ethernet Operation, Administration, and Maintenance (Ethernet OAM) packet to a target device, it may improperly handle the incoming malformed data and fail to sanitize this incoming data resulting in an overflow condition. | 7.5 |
| 2020-04-08 | CVE-2020-1638 | Unspecified vulnerability in Juniper Junos and Junos OS Evolved The FPC (Flexible PIC Concentrator) of Juniper Networks Junos OS and Junos OS Evolved may restart after processing a specific IPv4 packet. | 7.5 |
| 2020-04-08 | CVE-2020-1637 | Improper Authentication vulnerability in Juniper Junos A vulnerability in Juniper Networks SRX Series device configured as a Junos OS Enforcer device may allow a user to access network resources that are not permitted by a UAC policy. | 6.5 |
| 2020-04-08 | CVE-2020-1634 | Unspecified vulnerability in Juniper Junos 12.3X48 On High-End SRX Series devices, in specific configurations and when specific networking events or operator actions occur, an SPC receiving genuine multicast traffic may core. | 7.5 |
| 2020-04-08 | CVE-2020-1630 | Unspecified vulnerability in Juniper Junos A privilege escalation vulnerability in Juniper Networks Junos OS devices configured with dual Routing Engines (RE), Virtual Chassis (VC) or high-availability cluster may allow a local authenticated low-privileged user with access to the shell to perform unauthorized configuration modification. | 5.5 |