Vulnerabilities > Juniper > Northstar Controller > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-04-24 | CVE-2017-2334 | Information Exposure vulnerability in Juniper Northstar Controller An information leak vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a network-based malicious attacker to perform a man-in-the-middle attack, thereby stealing authentic credentials from encrypted paths which are easily decrypted, and subsequently gain complete control of the system. | 4.3 |
2017-04-24 | CVE-2017-2333 | Resource Exhaustion vulnerability in Juniper Northstar Controller A persistent denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a malicious, network-based, authenticated attacker to consume enough system resources to cause a persistent denial of service by visiting certain specific URLs on the server. | 4.0 |
2017-04-24 | CVE-2017-2330 | Excessive Iteration vulnerability in Juniper Northstar Controller A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unauthenticated, local user, to create a fork bomb scenario, also known as a rabbit virus, or wabbit, which will create processes that replicate themselves, until all resources are consumed on the system, leading to a denial of service to the entire system until it is restarted. | 4.9 |
2017-04-24 | CVE-2017-2327 | Resource Exhaustion vulnerability in Juniper Northstar Controller A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an authenticated malicious user to consume large amounts of system resources leading to a cascading denial of services. | 4.9 |
2017-04-24 | CVE-2017-2326 | Information Exposure vulnerability in Juniper Northstar Controller An information disclosure vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unprivileged, authenticated, network-based attacker to replicate the underlying Junos OS VM and all data it maintains to their local system for future analysis. | 6.8 |
2017-04-24 | CVE-2017-2325 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Juniper Northstar Controller A buffer overflow vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an authenticated malicious user to cause a buffer overflow leading to a denial of service. | 4.0 |
2017-04-24 | CVE-2017-2324 | Command Injection vulnerability in Juniper Northstar Controller A command injection vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a network-based malicious attacker to cause a denial of service condition. | 5.0 |
2017-04-24 | CVE-2017-2323 | Denial of Service vulnerability in Juniper NorthStar Controller Application A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a malicious attacker crafting packets destined to the device to cause a persistent denial of service to the path computation server service. | 5.0 |
2017-04-24 | CVE-2017-2318 | Information Exposure vulnerability in Juniper Northstar Controller A vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an authenticated malicious user to read log files which will compromise the integrity of the system, or provide elevation of privileges. | 4.0 |