Vulnerabilities > Juniper

DATE CVE VULNERABILITY TITLE RISK
2020-04-15 CVE-2020-1632 Improper Handling of Exceptional Conditions vulnerability in Juniper Junos
In a certain condition, receipt of a specific BGP UPDATE message might cause Juniper Networks Junos OS and Junos OS Evolved devices to advertise an invalid BGP UPDATE message to other peers, causing the other peers to terminate the established BGP session, creating a Denial of Service (DoS) condition.
network
low complexity
juniper CWE-755
8.6
2020-04-09 CVE-2020-1633 Unspecified vulnerability in Juniper Junos
Due to a new NDP proxy feature for EVPN leaf nodes introduced in Junos OS 17.4, crafted NDPv6 packets could transit a Junos device configured as a Broadband Network Gateway (BNG) and reach the EVPN leaf node, causing a stale MAC address entry.
low complexity
juniper
6.5
2020-04-08 CVE-2020-1639 Improper Handling of Exceptional Conditions vulnerability in Juniper Junos
When an attacker sends a specific crafted Ethernet Operation, Administration, and Maintenance (Ethernet OAM) packet to a target device, it may improperly handle the incoming malformed data and fail to sanitize this incoming data resulting in an overflow condition.
network
low complexity
juniper CWE-755
7.5
2020-04-08 CVE-2020-1638 Unspecified vulnerability in Juniper Junos and Junos OS Evolved
The FPC (Flexible PIC Concentrator) of Juniper Networks Junos OS and Junos OS Evolved may restart after processing a specific IPv4 packet.
network
low complexity
juniper
7.5
2020-04-08 CVE-2020-1637 Improper Authentication vulnerability in Juniper Junos
A vulnerability in Juniper Networks SRX Series device configured as a Junos OS Enforcer device may allow a user to access network resources that are not permitted by a UAC policy.
network
low complexity
juniper CWE-287
6.5
2020-04-08 CVE-2020-1634 Unspecified vulnerability in Juniper Junos 12.3X48
On High-End SRX Series devices, in specific configurations and when specific networking events or operator actions occur, an SPC receiving genuine multicast traffic may core.
network
low complexity
juniper
7.5
2020-04-08 CVE-2020-1630 Unspecified vulnerability in Juniper Junos
A privilege escalation vulnerability in Juniper Networks Junos OS devices configured with dual Routing Engines (RE), Virtual Chassis (VC) or high-availability cluster may allow a local authenticated low-privileged user with access to the shell to perform unauthorized configuration modification.
local
low complexity
juniper
5.5
2020-04-08 CVE-2020-1629 Race Condition vulnerability in Juniper Junos
A race condition vulnerability on Juniper Network Junos OS devices may cause the routing protocol daemon (RPD) process to crash and restart while processing a BGP NOTIFICATION message.
network
high complexity
juniper CWE-362
5.9
2020-04-08 CVE-2020-1628 Unspecified vulnerability in Juniper Junos
Juniper Networks Junos OS uses the 128.0.0.0/2 subnet for internal communications between the RE and PFEs.
network
low complexity
juniper
5.3
2020-04-08 CVE-2020-1627 Unspecified vulnerability in Juniper Junos
A vulnerability in Juniper Networks Junos OS on vMX and MX150 devices may allow an attacker to cause a Denial of Service (DoS) by sending specific packets requiring special processing in microcode that the flow cache can't handle, causing the riot forwarding daemon to crash.
network
low complexity
juniper
7.5