Vulnerabilities > Juniper > Junos > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-04-11 CVE-2018-0018 Information Exposure vulnerability in Juniper Junos 12.1X46/12.3X48/15.1X49
On SRX Series devices during compilation of IDP policies, an attacker sending specially crafted packets may be able to bypass firewall rules, leading to information disclosure which an attacker may use to gain control of the target device or other internal devices, systems or services protected by the SRX Series device.
network
high complexity
juniper CWE-200
5.9
2018-04-11 CVE-2018-0017 Improper Input Validation vulnerability in Juniper Junos
A vulnerability in the Network Address Translation - Protocol Translation (NAT-PT) feature of Junos OS on SRX series devices may allow a certain valid IPv6 packet to crash the flowd daemon.
network
low complexity
juniper CWE-20
6.5
2018-01-10 CVE-2018-0009 Unspecified vulnerability in Juniper Junos 12.1X46/12.3X48/15.1X49
On Juniper Networks SRX series devices, firewall rules configured to match custom application UUIDs starting with zeros can match all TCP traffic.
network
high complexity
juniper
5.9
2018-01-10 CVE-2018-0008 Improper Authentication vulnerability in Juniper Junos
An unauthenticated root login may allow upon reboot when a commit script is used.
low complexity
juniper CWE-287
6.2
2018-01-10 CVE-2018-0006 Allocation of Resources Without Limits or Throttling vulnerability in Juniper Junos
A high rate of VLAN authentication attempts sent from an adjacent host on the local broadcast domain can trigger high memory utilization by the BBE subscriber management daemon (bbe-smgd), and lead to a denial of service condition.
high complexity
juniper CWE-770
5.3
2018-01-10 CVE-2018-0004 Resource Exhaustion vulnerability in Juniper Junos
A sustained sequence of different types of normal transit traffic can trigger a high CPU consumption denial of service condition in the Junos OS register and schedule software interrupt handler subsystem when a specific command is issued to the device.
network
low complexity
juniper CWE-400
6.5
2018-01-10 CVE-2018-0003 Unspecified vulnerability in Juniper Junos
A specially crafted MPLS packet received or processed by the system, on an interface configured with MPLS, will store information in the system memory.
low complexity
juniper
6.5
2018-01-10 CVE-2018-0002 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Juniper Junos
On SRX Series and MX Series devices with a Service PIC with any ALG enabled, a crafted TCP/IP response packet processed through the device results in memory corruption leading to a flowd daemon crash.
network
high complexity
juniper CWE-119
5.9
2017-10-13 CVE-2017-10621 Resource Exhaustion vulnerability in Juniper Junos
A denial of service vulnerability in telnetd service on Juniper Networks Junos OS allows remote unauthenticated attackers to cause a denial of service.
network
low complexity
juniper CWE-400
5.3
2017-10-13 CVE-2017-10618 Unspecified vulnerability in Juniper Junos
When the 'bgp-error-tolerance' feature â€" designed to help mitigate remote session resets from malformed path attributes â€" is enabled, a BGP UPDATE containing a specifically crafted set of transitive attributes can cause the RPD routing process to crash and restart.
network
high complexity
juniper
5.9