Vulnerabilities > Juniper > Junos > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-22 | CVE-2021-0243 | Unspecified vulnerability in Juniper Junos 17.3/17.4/18.1 Improper Handling of Unexpected Data in the firewall policer of Juniper Networks Junos OS on EX4300 switches allows matching traffic to exceed set policer limits, possibly leading to a limited Denial of Service (DoS) condition. low complexity juniper | 3.3 |
| 2021-04-22 | CVE-2021-0256 | Improper Privilege Management vulnerability in Juniper Junos 17.3/17.4/18.1 A sensitive information disclosure vulnerability in the mosquitto message broker of Juniper Networks Junos OS may allow a locally authenticated user with shell access the ability to read portions of sensitive files, such as the master.passwd file. | 2.1 |
| 2021-04-22 | CVE-2021-0257 | Memory Leak vulnerability in Juniper Junos On Juniper Networks MX Series and EX9200 Series platforms with Trio-based MPCs (Modular Port Concentrators) where Integrated Routing and Bridging (IRB) interfaces are configured and mapped to a VPLS instance or a Bridge-Domain, certain Layer 2 network events at Customer Edge (CE) devices may cause memory leaks in the MPC of Provider Edge (PE) devices which can cause an out of memory condition and MPC restart. | 3.3 |
| 2021-04-22 | CVE-2021-0259 | Improper Handling of Exceptional Conditions vulnerability in Juniper Junos 17.3/17.4/18.1 Due to a vulnerability in DDoS protection in Juniper Networks Junos OS and Junos OS Evolved on QFX5K Series switches in a VXLAN configuration, instability might be experienced in the underlay network as a consequence of exceeding the default ddos-protection aggregate threshold. | 3.3 |
| 2021-04-22 | CVE-2021-0262 | Use After Free vulnerability in Juniper Junos 19.1/19.2/20.2 Through routine static code analysis of the Juniper Networks Junos OS software codebase, the Secure Development Life Cycle team identified a Use After Free vulnerability in PFE packet processing on the QFX10002-60C switching platform. | 3.3 |
| 2021-04-22 | CVE-2021-0267 | Improper Input Validation vulnerability in Juniper Junos An Improper Input Validation vulnerability in the active-lease query portion in JDHCPD's DHCP Relay Agent of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) by sending a crafted DHCP packet to the device thereby crashing the jdhcpd DHCP service. | 3.3 |
| 2021-04-22 | CVE-2021-0271 | Double Free vulnerability in Juniper Junos 12.3/15.1 A Double Free vulnerability in the software forwarding interface daemon (sfid) process of Juniper Networks Junos OS allows an adjacently-connected attacker to cause a Denial of Service (DoS) by sending a crafted ARP packet to the device. | 3.3 |
| 2021-01-15 | CVE-2021-0208 | Improper Input Validation vulnerability in Juniper Junos 15.1X49/17.3/17.4 An improper input validation vulnerability in the Routing Protocol Daemon (RPD) service of Juniper Networks Junos OS allows an attacker to send a malformed RSVP packet when bidirectional LSPs are in use, which when received by an egress router crashes the RPD causing a Denial of Service (DoS) condition. | 3.3 |
| 2021-01-15 | CVE-2021-0215 | Memory Leak vulnerability in Juniper Junos On Juniper Networks Junos EX series, QFX Series, MX Series and SRX branch series devices, a memory leak occurs every time the 802.1X authenticator port interface flaps which can lead to other processes, such as the pfex process, responsible for packet forwarding, to crash and restart. | 2.9 |
| 2021-01-15 | CVE-2021-0217 | Allocation of Resources Without Limits or Throttling vulnerability in Juniper Junos A vulnerability in processing of certain DHCP packets from adjacent clients on EX Series and QFX Series switches running Juniper Networks Junos OS with DHCP local/relay server configured may lead to exhaustion of DMA memory causing a Denial of Service (DoS). | 3.3 |