Vulnerabilities > Juniper > Junos > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-07-15 CVE-2021-0291 Information Exposure vulnerability in Juniper Junos 15.1/17.3/17.4
An Exposure of System Data vulnerability in Juniper Networks Junos OS and Junos OS Evolved, where a sensitive system-level resource is not being sufficiently protected, allows a network-based unauthenticated attacker to send specific traffic which partially reaches this resource.
network
low complexity
juniper CWE-200
6.5
2021-04-22 CVE-2021-0271 Double Free vulnerability in Juniper Junos 12.3/15.1
A Double Free vulnerability in the software forwarding interface daemon (sfid) process of Juniper Networks Junos OS allows an adjacently-connected attacker to cause a Denial of Service (DoS) by sending a crafted ARP packet to the device.
low complexity
juniper CWE-415
6.5
2021-04-22 CVE-2021-0270 Use After Free vulnerability in Juniper Junos 18.1
On PTX Series and QFX10k Series devices with the "inline-jflow" feature enabled, a use after free weakness in the Packet Forwarding Engine (PFE) microkernel architecture of Juniper Networks Junos OS may allow an attacker to cause a Denial of Service (DoS) condition whereby one or more Flexible PIC Concentrators (FPCs) may restart.
network
high complexity
juniper CWE-416
5.9
2021-04-22 CVE-2021-0267 Improper Input Validation vulnerability in Juniper Junos
An Improper Input Validation vulnerability in the active-lease query portion in JDHCPD's DHCP Relay Agent of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) by sending a crafted DHCP packet to the device thereby crashing the jdhcpd DHCP service.
low complexity
juniper CWE-20
6.5
2021-04-22 CVE-2021-0257 Memory Leak vulnerability in Juniper Junos
On Juniper Networks MX Series and EX9200 Series platforms with Trio-based MPCs (Modular Port Concentrators) where Integrated Routing and Bridging (IRB) interfaces are configured and mapped to a VPLS instance or a Bridge-Domain, certain Layer 2 network events at Customer Edge (CE) devices may cause memory leaks in the MPC of Provider Edge (PE) devices which can cause an out of memory condition and MPC restart.
low complexity
juniper CWE-401
6.5
2021-04-22 CVE-2021-0247 Race Condition vulnerability in Juniper Junos
A Race Condition (Concurrent Execution using Shared Resource with Improper Synchronization) vulnerability in the firewall process (dfwd) of Juniper Networks Junos OS allows an attacker to bypass the firewall rule sets applied to the input loopback filter on any interfaces of a device.
network
high complexity
juniper CWE-362
5.5
2021-04-22 CVE-2021-0242 Allocation of Resources Without Limits or Throttling vulnerability in Juniper Junos
A vulnerability due to the improper handling of direct memory access (DMA) buffers on EX4300 switches on Juniper Networks Junos OS allows an attacker sending specific unicast frames to trigger a Denial of Service (DoS) condition by exhausting DMA buffers, causing the FPC to crash and the device to restart.
low complexity
juniper CWE-770
6.5
2021-04-22 CVE-2021-0241 Improper Handling of Exceptional Conditions vulnerability in Juniper Junos
On Juniper Networks Junos OS platforms configured as DHCPv6 local server or DHCPv6 Relay Agent, Juniper Networks Dynamic Host Configuration Protocol Daemon (JDHCPD) process might crash with a core dump if a specific DHCPv6 packet is received, resulting in a restart of the daemon.
low complexity
juniper CWE-755
6.5
2021-04-22 CVE-2021-0240 Improper Handling of Exceptional Conditions vulnerability in Juniper Junos
On Juniper Networks Junos OS platforms configured as DHCPv6 local server or DHCPv6 Relay Agent, the Juniper Networks Dynamic Host Configuration Protocol Daemon (JDHCPD) process might crash if a malformed DHCPv6 packet is received, resulting in a restart of the daemon.
low complexity
juniper CWE-755
6.5
2021-04-22 CVE-2021-0237 Unspecified vulnerability in Juniper Junos
On Juniper Networks EX4300-MP Series, EX4600 Series, EX4650 Series, QFX5K Series deployed as a Virtual Chassis with a specific Layer 2 circuit configuration, Packet Forwarding Engine manager (FXPC) process may crash and restart upon receipt of specific layer 2 frames.
low complexity
juniper
6.5