Vulnerabilities > Juniper > Junos > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-22 | CVE-2021-0254 | Out-of-bounds Write vulnerability in Juniper Junos A buffer size validation vulnerability in the overlayd service of Juniper Networks Junos OS may allow an unauthenticated remote attacker to send specially crafted packets to the device, triggering a partial Denial of Service (DoS) condition, or leading to remote code execution (RCE). | 9.8 |
| 2021-04-22 | CVE-2021-0266 | Use of Hard-coded Credentials vulnerability in Juniper Junos 20.2/20.3/20.4 The use of multiple hard-coded cryptographic keys in cSRX Series software in Juniper Networks Junos OS allows an attacker to take control of any instance of a cSRX deployment through device management services. | 9.8 |
| 2021-04-22 | CVE-2021-0268 | Injection vulnerability in Juniper Junos An Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') weakness in J-web of Juniper Networks Junos OS leads to buffer overflows, segment faults, or other impacts, which allows an attacker to modify the integrity of the device and exfiltration information from the device without authentication. | 9.3 |
| 2021-01-15 | CVE-2021-0211 | Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos An improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS Evolved Routing Protocol Daemon (RPD) service allows an attacker to send a valid BGP FlowSpec message thereby causing an unexpected change in the route advertisements within the BGP FlowSpec domain leading to disruptions in network traffic causing a Denial of Service (DoS) condition. | 10.0 |
| 2020-10-16 | CVE-2020-1660 | Unspecified vulnerability in Juniper Junos When DNS filtering is enabled on Juniper Networks Junos MX Series with one of the following cards MS-PIC, MS-MIC or MS-MPC, an incoming stream of packets processed by the Multiservices PIC Management Daemon (mspmand) process, responsible for managing "URL Filtering service", may crash, causing the Services PIC to restart. | 9.9 |
| 2020-07-17 | CVE-2020-1647 | Double Free vulnerability in Juniper Junos On Juniper Networks SRX Series with ICAP (Internet Content Adaptation Protocol) redirect service enabled, a double free vulnerability can lead to a Denial of Service (DoS) or Remote Code Execution (RCE) due to processing of a specific HTTP message. | 9.8 |
| 2020-07-17 | CVE-2020-1654 | Classic Buffer Overflow vulnerability in Juniper Junos On Juniper Networks SRX Series with ICAP (Internet Content Adaptation Protocol) redirect service enabled, processing a malformed HTTP message can lead to a Denial of Service (DoS) or Remote Code Execution (RCE) Continued processing of this malformed HTTP message may result in an extended Denial of Service (DoS) condition. | 9.8 |
| 2020-05-04 | CVE-2020-1631 | Path Traversal vulnerability in Juniper Junos A vulnerability in the HTTP/HTTPS service used by J-Web, Web Authentication, Dynamic-VPN (DVPN), Firewall Authentication Pass-Through with Web-Redirect, and Zero Touch Provisioning (ZTP) allows an unauthenticated attacker to perform local file inclusion (LFI) or path traversal. | 9.8 |
| 2020-04-08 | CVE-2020-1614 | Use of Hard-coded Credentials vulnerability in Juniper Junos A Use of Hard-coded Credentials vulnerability exists in the NFX250 Series for the vSRX Virtual Network Function (VNF) instance, which allows an attacker to take control of the vSRX VNF instance if they have the ability to access an administrative service (e.g. | 10.0 |
| 2020-04-08 | CVE-2020-1615 | Use of Hard-coded Credentials vulnerability in Juniper Junos The factory configuration for vMX installations, as shipped, includes default credentials for the root account. | 9.8 |