Vulnerabilities > Juniper > Junos > Critical

DATE CVE VULNERABILITY TITLE RISK
2017-07-17 CVE-2017-2343 Use of Hard-coded Credentials vulnerability in Juniper Junos 12.3X48/15.1X49
The Integrated User Firewall (UserFW) feature was introduced in Junos OS version 12.1X47-D10 on the Juniper SRX Series devices to provide simple integration of user profiles on top of the existing firewall polices.
network
low complexity
juniper CWE-798
critical
9.8
2017-07-17 CVE-2017-2345 Improper Input Validation vulnerability in Juniper Junos
On Junos OS devices with SNMP enabled, a network based attacker with unfiltered access to the RE can cause the Junos OS snmpd daemon to crash and restart by sending a crafted SNMP packet.
network
low complexity
juniper CWE-20
critical
9.8
2016-09-09 CVE-2016-1279 Information Exposure vulnerability in Juniper Junos
J-Web in Juniper Junos OS before 12.1X46-D45, 12.1X46-D50, 12.1X47 before 12.1X47-D35, 12.3 before 12.3R12, 12.3X48 before 12.3X48-D25, 13.3 before 13.3R10, 13.3R9 before 13.3R9-S1, 14.1 before 14.1R7, 14.1X53 before 14.1X53-D35, 14.2 before 14.2R6, 15.1 before 15.1A2 or 15.1F4, 15.1X49 before 15.1X49-D30, and 15.1R before 15.1R3 might allow remote attackers to obtain sensitive information and consequently gain administrative privileges via unspecified vectors.
network
low complexity
juniper CWE-200
critical
9.8
2013-10-28 CVE-2013-6014 Information Exposure vulnerability in Juniper Junos
Juniper Junos 10.4 before 10.4S15, 11.4 before 11.4R9, 11.4X27 before 11.4X27.44, 12.1 before 12.1R7, 12.1X44 before 12.1X44-D20, 12.1X45 before 12.1X45-D15, 12.2 before 12.2R6, 12.3 before 12.3R3, 13.1 before 13.1R3, and 13.2 before 13.2R1, when Proxy ARP is enabled on an unnumbered interface, allows remote attackers to perform ARP poisoning attacks and possibly obtain sensitive information via a crafted ARP message.
low complexity
juniper CWE-200
critical
9.3