Vulnerabilities > Juniper > Junos > High

DATE CVE VULNERABILITY TITLE RISK
2022-01-19 CVE-2022-22180 Unspecified vulnerability in Juniper Junos
An Improper Check for Unusual or Exceptional Conditions vulnerability in the processing of specific IPv6 packets on certain EX Series devices may lead to exhaustion of DMA memory causing a Denial of Service (DoS).
network
low complexity
juniper
7.5
2021-10-19 CVE-2021-31350 Improper Privilege Management vulnerability in Juniper Junos and Junos OS Evolved
An Improper Privilege Management vulnerability in the gRPC framework, used by the Juniper Extension Toolkit (JET) API on Juniper Networks Junos OS and Junos OS Evolved, allows a network-based, low-privileged authenticated attacker to perform operations as root, leading to complete compromise of the targeted system.
network
low complexity
juniper CWE-269
8.8
2021-10-19 CVE-2021-31354 Out-of-bounds Read vulnerability in Juniper Junos and Junos OS Evolved
An Out Of Bounds (OOB) access vulnerability in the handling of responses by a Juniper Agile License (JAL) Client in Juniper Networks Junos OS and Junos OS Evolved, configured in Network Mode (to use Juniper Agile License Manager) may allow an attacker to cause a partial Denial of Service (DoS), or lead to remote code execution (RCE).
low complexity
juniper CWE-125
8.8
2021-10-19 CVE-2021-31378 Missing Release of Resource after Effective Lifetime vulnerability in Juniper Junos
In broadband environments, including but not limited to Enhanced Subscriber Management, (CHAP, PPP, DHCP, etc.), on Juniper Networks Junos OS devices where RADIUS servers are configured for managing subscriber access and a subscriber is logged in and then requests to logout, the subscriber may be forced into a "Terminating" state by an attacker who is able to send spoofed messages appearing to originate from trusted RADIUS server(s) destined to the device in response to the subscriber's request.
network
low complexity
juniper CWE-772
7.5
2021-07-15 CVE-2021-0278 Improper Input Validation vulnerability in Juniper Junos
An Improper Input Validation vulnerability in J-Web of Juniper Networks Junos OS allows a locally authenticated attacker to escalate their privileges to root over the target device.
local
low complexity
juniper CWE-20
7.8
2021-07-15 CVE-2021-0281 Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos
On Juniper Networks Junos OS devices configured with BGP origin validation using Resource Public Key Infrastructure (RPKI) receipt of a specific packet from the RPKI cache server may cause routing process daemon (RPD) to crash and restart, creating a Denial of Service (DoS) condition.
network
low complexity
juniper CWE-754
7.5
2021-04-22 CVE-2021-0264 Improper Handling of Exceptional Conditions vulnerability in Juniper Junos and Junos OS Evolved
A vulnerability in the processing of traffic matching a firewall filter containing a syslog action in Juniper Networks Junos OS on MX Series with MPC10/MPC11 cards installed, PTX10003 and PTX10008 Series devices, will cause the line card to crash and restart, creating a Denial of Service (DoS).
network
low complexity
juniper CWE-755
7.5
2021-04-22 CVE-2021-0255 Improper Privilege Management vulnerability in Juniper Junos
A local privilege escalation vulnerability in ethtraceroute of Juniper Networks Junos OS may allow a locally authenticated user with shell access to escalate privileges and write to the local filesystem as root.
local
low complexity
juniper CWE-269
7.8
2021-04-22 CVE-2021-0253 Unspecified vulnerability in Juniper Junos
NFX Series devices using Juniper Networks Junos OS are susceptible to a local command execution vulnerability thereby allowing an attacker to elevate their privileges via the Junos Device Management Daemon (JDMD) process.
local
low complexity
juniper
7.8
2021-04-22 CVE-2021-0252 Unspecified vulnerability in Juniper Junos
NFX Series devices using Juniper Networks Junos OS are susceptible to a local code execution vulnerability thereby allowing an attacker to elevate their privileges via the Junos Device Management Daemon (JDMD) process.
local
low complexity
juniper
7.8