Vulnerabilities > Juniper
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-22 | CVE-2021-0271 | Double Free vulnerability in Juniper Junos 12.3/15.1 A Double Free vulnerability in the software forwarding interface daemon (sfid) process of Juniper Networks Junos OS allows an adjacently-connected attacker to cause a Denial of Service (DoS) by sending a crafted ARP packet to the device. | 6.5 |
| 2021-04-22 | CVE-2021-0270 | Use After Free vulnerability in Juniper Junos 18.1 On PTX Series and QFX10k Series devices with the "inline-jflow" feature enabled, a use after free weakness in the Packet Forwarding Engine (PFE) microkernel architecture of Juniper Networks Junos OS may allow an attacker to cause a Denial of Service (DoS) condition whereby one or more Flexible PIC Concentrators (FPCs) may restart. | 5.9 |
| 2021-04-22 | CVE-2021-0268 | Injection vulnerability in Juniper Junos An Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') weakness in J-web of Juniper Networks Junos OS leads to buffer overflows, segment faults, or other impacts, which allows an attacker to modify the integrity of the device and exfiltration information from the device without authentication. | 9.3 |
| 2021-04-22 | CVE-2021-0267 | Improper Input Validation vulnerability in Juniper Junos An Improper Input Validation vulnerability in the active-lease query portion in JDHCPD's DHCP Relay Agent of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) by sending a crafted DHCP packet to the device thereby crashing the jdhcpd DHCP service. | 6.5 |
| 2021-04-22 | CVE-2021-0266 | Use of Hard-coded Credentials vulnerability in Juniper Junos 20.2/20.3/20.4 The use of multiple hard-coded cryptographic keys in cSRX Series software in Juniper Networks Junos OS allows an attacker to take control of any instance of a cSRX deployment through device management services. | 9.8 |
| 2021-04-22 | CVE-2021-0264 | Improper Handling of Exceptional Conditions vulnerability in Juniper Junos and Junos OS Evolved A vulnerability in the processing of traffic matching a firewall filter containing a syslog action in Juniper Networks Junos OS on MX Series with MPC10/MPC11 cards installed, PTX10003 and PTX10008 Series devices, will cause the line card to crash and restart, creating a Denial of Service (DoS). | 7.5 |
| 2021-04-22 | CVE-2021-0257 | Memory Leak vulnerability in Juniper Junos On Juniper Networks MX Series and EX9200 Series platforms with Trio-based MPCs (Modular Port Concentrators) where Integrated Routing and Bridging (IRB) interfaces are configured and mapped to a VPLS instance or a Bridge-Domain, certain Layer 2 network events at Customer Edge (CE) devices may cause memory leaks in the MPC of Provider Edge (PE) devices which can cause an out of memory condition and MPC restart. | 6.5 |
| 2021-04-22 | CVE-2021-0255 | Improper Privilege Management vulnerability in Juniper Junos A local privilege escalation vulnerability in ethtraceroute of Juniper Networks Junos OS may allow a locally authenticated user with shell access to escalate privileges and write to the local filesystem as root. | 7.8 |
| 2021-04-22 | CVE-2021-0253 | Unspecified vulnerability in Juniper Junos NFX Series devices using Juniper Networks Junos OS are susceptible to a local command execution vulnerability thereby allowing an attacker to elevate their privileges via the Junos Device Management Daemon (JDMD) process. | 7.8 |
| 2021-04-22 | CVE-2021-0252 | Unspecified vulnerability in Juniper Junos NFX Series devices using Juniper Networks Junos OS are susceptible to a local code execution vulnerability thereby allowing an attacker to elevate their privileges via the Junos Device Management Daemon (JDMD) process. | 7.8 |