Vulnerabilities > Juniper

DATE CVE VULNERABILITY TITLE RISK
2020-04-08 CVE-2020-1626 Unspecified vulnerability in Juniper Junos OS Evolved 18.3
A vulnerability in Juniper Networks Junos OS Evolved may allow an attacker to cause a Denial of Service (DoS) by sending a high rate of specific packets to the device, resulting in a pfemand process crash.
network
low complexity
juniper
7.5
2020-04-08 CVE-2020-1625 Memory Leak vulnerability in Juniper Junos
The kernel memory usage represented as "temp" via 'show system virtual-memory' may constantly increase when Integrated Routing and Bridging (IRB) is configured with multiple underlay physical interfaces, and one interface flaps.
low complexity
juniper CWE-401
6.5
2020-04-08 CVE-2020-1624 Information Exposure Through Log Files vulnerability in Juniper Junos OS Evolved 18.3/19.1
A local, authenticated user with shell can obtain the hashed values of login passwords and shared secrets via raw objmon configuration files.
local
low complexity
juniper CWE-532
5.5
2020-04-08 CVE-2020-1623 Information Exposure Through Log Files vulnerability in Juniper Junos OS Evolved 18.3/19.1/19.2
A local, authenticated user with shell can view sensitive configuration information via the ev.ops configuration file.
local
low complexity
juniper CWE-532
5.5
2020-04-08 CVE-2020-1622 Information Exposure Through Log Files vulnerability in Juniper Junos OS Evolved 18.3/19.1
A local, authenticated user with shell can obtain the hashed values of login passwords and shared secrets via the EvoSharedObjStore.
local
low complexity
juniper CWE-532
5.5
2020-04-08 CVE-2020-1621 Information Exposure Through Log Files vulnerability in Juniper Junos OS Evolved
A local, authenticated user with shell can obtain the hashed values of login passwords via configd traces.
local
low complexity
juniper CWE-532
5.5
2020-04-08 CVE-2020-1620 Information Exposure Through Log Files vulnerability in Juniper Junos OS Evolved
A local, authenticated user with shell can obtain the hashed values of login passwords via configd streamer log.
local
low complexity
juniper CWE-532
5.5
2020-04-08 CVE-2020-1619 Unspecified vulnerability in Juniper Junos
A privilege escalation vulnerability in Juniper Networks QFX10K Series, EX9200 Series, MX Series, and PTX Series with Next-Generation Routing Engine (NG-RE), allows a local authenticated high privileged user to access the underlying WRL host.
local
low complexity
juniper
6.7
2020-04-08 CVE-2020-1618 Improper Authentication vulnerability in Juniper Junos
On Juniper Networks EX and QFX Series, an authentication bypass vulnerability may allow a user connected to the console port to login as root without any password.
low complexity
juniper CWE-287
6.8
2020-04-08 CVE-2020-1617 Improper Initialization vulnerability in Juniper Junos
This issue occurs on Juniper Networks Junos OS devices which do not support Advanced Forwarding Interface (AFI) / Advanced Forwarding Toolkit (AFT).
network
low complexity
juniper CWE-665
7.5