Vulnerabilities > Juniper

DATE CVE VULNERABILITY TITLE RISK
2020-07-17 CVE-2020-1648 Unspecified vulnerability in Juniper Junos and Junos OS Evolved
On Juniper Networks Junos OS and Junos OS Evolved devices, processing a specific BGP packet can lead to a routing process daemon (RPD) crash and restart.
network
low complexity
juniper
7.5
2020-07-17 CVE-2020-1647 Double Free vulnerability in Juniper Junos
On Juniper Networks SRX Series with ICAP (Internet Content Adaptation Protocol) redirect service enabled, a double free vulnerability can lead to a Denial of Service (DoS) or Remote Code Execution (RCE) due to processing of a specific HTTP message.
network
low complexity
juniper CWE-415
critical
9.8
2020-07-17 CVE-2020-1646 Unspecified vulnerability in Juniper Junos and Junos OS Evolved
On Juniper Networks Junos OS and Junos OS Evolved devices, processing a specific UPDATE for an EBGP peer can lead to a routing process daemon (RPD) crash and restart.
network
low complexity
juniper
7.5
2020-07-17 CVE-2020-1645 Unspecified vulnerability in Juniper Junos
When DNS filtering is enabled on Juniper Networks Junos MX Series with one of the following cards MS-PIC, MS-MIC or MS-MPC, an incoming stream of packets processed by the Multiservices PIC Management Daemon (mspmand) process, responsible for managing "URL Filtering service", may crash, causing the Services PIC to restart.
network
low complexity
juniper
8.3
2020-07-17 CVE-2020-1644 Improper Input Validation vulnerability in Juniper Junos
On Juniper Networks Junos OS and Junos OS Evolved devices, the receipt of a specific BGP UPDATE packet causes an internal counter to be incremented incorrectly, which over time can lead to the routing protocols process (RPD) crash and restart.
network
low complexity
juniper CWE-20
7.5
2020-07-17 CVE-2020-1643 Improper Handling of Exceptional Conditions vulnerability in Juniper Junos
Execution of the "show ospf interface extensive" or "show ospf interface detail" CLI commands on a Juniper Networks device running Junos OS may cause the routing protocols process (RPD) to crash and restart if OSPF interface authentication is configured, leading to a Denial of Service (DoS).
local
low complexity
juniper CWE-755
5.5
2020-07-17 CVE-2020-1641 Race Condition vulnerability in Juniper Junos
A Race Condition vulnerability in Juniper Networks Junos OS LLDP implementation allows an attacker to cause LLDP to crash leading to a Denial of Service (DoS).
low complexity
juniper CWE-362
6.5
2020-07-17 CVE-2020-1640 Improper Input Validation vulnerability in Juniper Junos
An improper use of a validation framework when processing incoming genuine BGP packets within Juniper Networks RPD (routing protocols process) daemon allows an attacker to crash RPD thereby causing a Denial of Service (DoS) condition.
network
low complexity
juniper CWE-20
7.5
2020-05-19 CVE-2020-7656 Cross-site Scripting vulnerability in multiple products
jquery prior to 1.9.0 allows Cross-site Scripting attacks via the load method.
network
low complexity
jquery oracle netapp juniper CWE-79
6.1
2020-05-04 CVE-2020-1631 Path Traversal vulnerability in Juniper Junos
A vulnerability in the HTTP/HTTPS service used by J-Web, Web Authentication, Dynamic-VPN (DVPN), Firewall Authentication Pass-Through with Web-Redirect, and Zero Touch Provisioning (ZTP) allows an unauthenticated attacker to perform local file inclusion (LFI) or path traversal.
network
low complexity
juniper CWE-22
critical
9.8