Vulnerabilities > Juniper

DATE CVE VULNERABILITY TITLE RISK
2021-10-19 CVE-2021-31381 Unspecified vulnerability in Juniper Session and Resource Control
A configuration weakness in the JBoss Application Server (AppSvr) component of Juniper Networks SRC Series allows a remote attacker to send a specially crafted query to cause the web server to delete files which may allow the attacker to disrupt the integrity and availability of the system.
network
low complexity
juniper
critical
9.1
2021-10-19 CVE-2021-31382 Race Condition vulnerability in Juniper Junos
On PTX1000 System, PTX10002-60C System, after upgrading to an affected release, a Race Condition vulnerability between the chassis daemon (chassisd) and firewall process (dfwd) of Juniper Networks Junos OS, may update the device's interfaces with incorrect firewall filters.
network
high complexity
juniper CWE-362
critical
9.0
2021-10-19 CVE-2021-31384 Missing Authorization vulnerability in Juniper Junos 20.4/21.1
Due to a Missing Authorization weakness and Insufficient Granularity of Access Control in a specific device configuration, a vulnerability exists in Juniper Networks Junos OS on SRX Series whereby an attacker who attempts to access J-Web administrative interfaces can successfully do so from any device interface regardless of the web-management configuration and filter rules which may otherwise protect access to J-Web.
network
low complexity
juniper CWE-862
critical
10.0
2021-10-19 CVE-2021-31386 Unspecified vulnerability in Juniper Junos
A Protection Mechanism Failure vulnerability in the J-Web HTTP service of Juniper Networks Junos OS allows a remote unauthenticated attacker to perform Person-in-the-Middle (PitM) attacks against the device.
network
high complexity
juniper
5.9
2021-09-20 CVE-2021-39531 Out-of-bounds Write vulnerability in Juniper Libslax
An issue was discovered in libslax through v0.22.1.
network
low complexity
juniper CWE-787
8.8
2021-09-20 CVE-2021-39532 NULL Pointer Dereference vulnerability in Juniper Libslax
An issue was discovered in libslax through v0.22.1.
network
low complexity
juniper CWE-476
6.5
2021-09-20 CVE-2021-39533 Out-of-bounds Write vulnerability in Juniper Libslax
An issue was discovered in libslax through v0.22.1.
network
low complexity
juniper CWE-787
8.8
2021-09-20 CVE-2021-39534 Out-of-bounds Write vulnerability in Juniper Libslax
An issue was discovered in libslax through v0.22.1.
network
low complexity
juniper CWE-787
8.8
2021-07-15 CVE-2021-0278 Improper Input Validation vulnerability in Juniper Junos
An Improper Input Validation vulnerability in J-Web of Juniper Networks Junos OS allows a locally authenticated attacker to escalate their privileges to root over the target device.
local
low complexity
juniper CWE-20
7.8
2021-07-15 CVE-2021-0279 Use of Hard-coded Credentials vulnerability in Juniper Contrail Cloud
Juniper Networks Contrail Cloud (CC) releases prior to 13.6.0 have RabbitMQ service enabled by default with hardcoded credentials.
network
low complexity
juniper CWE-798
5.5