Vulnerabilities > Juniper > Junos > High

DATE CVE VULNERABILITY TITLE RISK
2019-01-15 CVE-2019-0014 Data Processing Errors vulnerability in Juniper Junos 17.2X75/17.4/18.2
On QFX and PTX Series, receipt of a malformed packet for J-Flow sampling might crash the FPC (Flexible PIC Concentrator) process which causes all interfaces to go down.
network
low complexity
juniper CWE-19
7.5
2019-01-15 CVE-2019-0013 Data Processing Errors vulnerability in Juniper Junos
The routing protocol daemon (RPD) process will crash and restart when a specific invalid IPv4 PIM Join packet is received.
network
low complexity
juniper CWE-19
7.5
2019-01-15 CVE-2019-0012 Unspecified vulnerability in Juniper Junos
A Denial of Service (DoS) vulnerability in BGP in Juniper Networks Junos OS configured as a VPLS PE allows an attacker to craft a specific BGP message to cause the routing protocol daemon (rpd) process to crash and restart.
network
low complexity
juniper
7.5
2019-01-15 CVE-2019-0010 Allocation of Resources Without Limits or Throttling vulnerability in Juniper Junos 12.1X46/12.3X48/15.1X49
An SRX Series Service Gateway configured for Unified Threat Management (UTM) may experience a system crash with the error message "mbuf exceed" -- an indication of memory buffer exhaustion -- due to the receipt of crafted HTTP traffic.
network
low complexity
juniper CWE-770
7.5
2019-01-15 CVE-2019-0001 Uncontrolled Recursion vulnerability in multiple products
Receipt of a malformed packet on MX Series devices with dynamic vlan configuration can trigger an uncontrolled recursion loop in the Broadband Edge subscriber management daemon (bbe-smgd), and lead to high CPU usage and a crash of the bbe-smgd service.
network
low complexity
juniper fedoraproject CWE-674
7.5
2018-10-10 CVE-2018-0062 Improper Input Validation vulnerability in Juniper Junos
A Denial of Service vulnerability in J-Web service may allow a remote unauthenticated user to cause Denial of Service which may prevent other users to authenticate or to perform J-Web operations.
network
low complexity
juniper CWE-20
7.5
2018-10-10 CVE-2018-0058 Improper Input Validation vulnerability in Juniper Junos
Receipt of a specially crafted IPv6 exception packet may be able to trigger a kernel crash (vmcore), causing the device to reboot.
network
low complexity
juniper CWE-20
7.5
2018-10-10 CVE-2018-0052 Improper Authentication vulnerability in Juniper Junos
If RSH service is enabled on Junos OS and if the PAM authentication is disabled, a remote unauthenticated attacker can obtain root access to the device.
network
high complexity
juniper CWE-287
8.1
2018-10-10 CVE-2018-0049 NULL Pointer Dereference vulnerability in Juniper Junos
A NULL Pointer Dereference vulnerability in Juniper Networks Junos OS allows an attacker to cause the Junos OS kernel to crash.
network
low complexity
juniper CWE-476
7.5
2018-10-10 CVE-2018-0048 Resource Exhaustion vulnerability in Juniper Junos
A vulnerability in the Routing Protocols Daemon (RPD) with Juniper Extension Toolkit (JET) support can allow a network based unauthenticated attacker to cause a severe memory exhaustion condition on the device.
network
low complexity
juniper CWE-400
7.5