Vulnerabilities > Juniper
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-19 | CVE-2022-22179 | Improper Input Validation vulnerability in Juniper Junos A Improper Validation of Specified Index, Position, or Offset in Input vulnerability in the Juniper DHCP daemon (jdhcpd) of Juniper Networks Junos OS allows an adjacent unauthenticated attacker to cause a crash of jdhcpd and thereby a Denial of Service (DoS). | 6.5 |
| 2022-01-19 | CVE-2022-22180 | Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos An Improper Check for Unusual or Exceptional Conditions vulnerability in the processing of specific IPv6 packets on certain EX Series devices may lead to exhaustion of DMA memory causing a Denial of Service (DoS). | 7.5 |
| 2021-10-19 | CVE-2021-0296 | Cleartext Transmission of Sensitive Information vulnerability in Juniper Ctpview 7.3/9.1 The Juniper Networks CTPView server is not enforcing HTTP Strict Transport Security (HSTS). | 7.4 |
| 2021-10-19 | CVE-2021-0297 | Improper Handling of Exceptional Conditions vulnerability in Juniper Junos OS Evolved 20.3/20.4/21.1 A vulnerability in the processing of TCP MD5 authentication in Juniper Networks Junos OS Evolved may allow a BGP or LDP session configured with MD5 authentication to succeed, even if the peer does not have TCP MD5 authentication enabled. | 6.5 |
| 2021-10-19 | CVE-2021-0298 | Race Condition vulnerability in Juniper Junos OS Evolved A Race Condition in the 'show chassis pic' command in Juniper Networks Junos OS Evolved may allow an attacker to crash the port interface concentrator daemon (picd) process on the FPC, if the command is executed coincident with other system events outside the attacker's control, leading to a Denial of Service (DoS) condition. | 4.7 |
| 2021-10-19 | CVE-2021-0299 | Improper Handling of Exceptional Conditions vulnerability in Juniper Junos 19.4/20.1/20.2 An Improper Handling of Exceptional Conditions vulnerability in the processing of a transit or directly received malformed IPv6 packet in Juniper Networks Junos OS results in a kernel crash, causing the device to restart, leading to a Denial of Service (DoS). | 7.5 |
| 2021-10-19 | CVE-2021-31349 | Unspecified vulnerability in Juniper 128 Technology Session Smart Router Firmware The usage of an internal HTTP header created an authentication bypass vulnerability (CWE-287), allowing an attacker to view internal files, change settings, manipulate services and execute arbitrary code. | 9.8 |
| 2021-10-19 | CVE-2021-31350 | Improper Privilege Management vulnerability in Juniper Junos and Junos OS Evolved An Improper Privilege Management vulnerability in the gRPC framework, used by the Juniper Extension Toolkit (JET) API on Juniper Networks Junos OS and Junos OS Evolved, allows a network-based, low-privileged authenticated attacker to perform operations as root, leading to complete compromise of the targeted system. | 8.8 |
| 2021-10-19 | CVE-2021-31351 | Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos An Improper Check for Unusual or Exceptional Conditions in packet processing on the MS-MPC/MS-MIC utilized by Juniper Networks Junos OS allows a malicious attacker to send a specific packet, triggering the MS-MPC/MS-MIC to reset, causing a Denial of Service (DoS). | 7.5 |
| 2021-10-19 | CVE-2021-31352 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Juniper Session and Resource Control An Information Exposure vulnerability in Juniper Networks SRC Series devices configured for NETCONF over SSH permits the negotiation of weak ciphers, which could allow a remote attacker to obtain sensitive information. | 5.3 |