Vulnerabilities > Juniper > Junos > High

DATE CVE VULNERABILITY TITLE RISK
2020-04-15 CVE-2020-1632 Improper Handling of Exceptional Conditions vulnerability in Juniper Junos
In a certain condition, receipt of a specific BGP UPDATE message might cause Juniper Networks Junos OS and Junos OS Evolved devices to advertise an invalid BGP UPDATE message to other peers, causing the other peers to terminate the established BGP session, creating a Denial of Service (DoS) condition.
network
low complexity
juniper CWE-755
8.6
2020-04-08 CVE-2020-1639 Improper Handling of Exceptional Conditions vulnerability in Juniper Junos
When an attacker sends a specific crafted Ethernet Operation, Administration, and Maintenance (Ethernet OAM) packet to a target device, it may improperly handle the incoming malformed data and fail to sanitize this incoming data resulting in an overflow condition.
network
low complexity
juniper CWE-755
7.5
2020-04-08 CVE-2020-1638 Unspecified vulnerability in Juniper Junos and Junos OS Evolved
The FPC (Flexible PIC Concentrator) of Juniper Networks Junos OS and Junos OS Evolved may restart after processing a specific IPv4 packet.
network
low complexity
juniper
7.5
2020-04-08 CVE-2020-1634 Unspecified vulnerability in Juniper Junos 12.3X48
On High-End SRX Series devices, in specific configurations and when specific networking events or operator actions occur, an SPC receiving genuine multicast traffic may core.
network
low complexity
juniper
7.5
2020-04-08 CVE-2020-1627 Unspecified vulnerability in Juniper Junos
A vulnerability in Juniper Networks Junos OS on vMX and MX150 devices may allow an attacker to cause a Denial of Service (DoS) by sending specific packets requiring special processing in microcode that the flow cache can't handle, causing the riot forwarding daemon to crash.
network
low complexity
juniper
7.5
2020-04-08 CVE-2020-1617 Improper Initialization vulnerability in Juniper Junos
This issue occurs on Juniper Networks Junos OS devices which do not support Advanced Forwarding Interface (AFI) / Advanced Forwarding Toolkit (AFT).
network
low complexity
juniper CWE-665
7.5
2020-04-08 CVE-2020-1613 Unspecified vulnerability in Juniper Junos
A vulnerability in the BGP FlowSpec implementation may cause a Juniper Networks Junos OS device to terminate an established BGP session upon receiving a specific BGP FlowSpec advertisement.
network
low complexity
juniper
7.5
2020-02-11 CVE-2014-6447 Cross-site Scripting vulnerability in Juniper Junos
Multiple vulnerabilities exist in Juniper Junos J-Web error handling that may lead to cross site scripting (XSS) issues or crash the J-Web service (DoS).
network
low complexity
juniper CWE-79
7.1
2020-01-15 CVE-2014-6448 Improper Privilege Management vulnerability in Juniper Junos
Juniper Junos OS 13.2 before 13.2R5, 13.2X51, 13.2X52, and 13.3 before 13.3R3 allow local users to bypass intended restrictions and execute arbitrary Python code via vectors involving shell access.
local
low complexity
juniper CWE-269
7.8
2020-01-15 CVE-2020-1609 OS Command Injection vulnerability in Juniper Junos
When a device using Juniper Network's Dynamic Host Configuration Protocol Daemon (JDHCPD) process on Junos OS or Junos OS Evolved which is configured in relay mode it vulnerable to an attacker sending crafted IPv6 packets who may then arbitrarily execute commands as root on the target device.
low complexity
juniper CWE-78
8.8