Vulnerabilities > Juniper

DATE CVE VULNERABILITY TITLE RISK
2019-10-09 CVE-2019-0075 Unspecified vulnerability in Juniper Junos
A vulnerability in the srxpfe process on Protocol Independent Multicast (PIM) enabled SRX series devices may lead to crash of the srxpfe process and an FPC reboot while processing (PIM) messages.
network
low complexity
juniper
7.5
2019-10-09 CVE-2019-0074 Path Traversal vulnerability in Juniper Junos
A path traversal vulnerability in NFX150 Series and QFX10K Series, EX9200 Series, MX Series and PTX Series devices with Next-Generation Routing Engine (NG-RE) allows a local authenticated user to read sensitive system files.
local
low complexity
juniper CWE-22
5.5
2019-10-09 CVE-2019-0073 Improper Preservation of Permissions vulnerability in Juniper Junos
The PKI keys exported using the command "run request security pki key-pair export" on Junos OS may have insecure file permissions.
local
low complexity
juniper CWE-281
7.1
2019-10-09 CVE-2019-0072 Insufficiently Protected Credentials vulnerability in Juniper SBR Carrier 8.4.1/8.5.0
An Unprotected Storage of Credentials vulnerability in the identity and access management certificate generation procedure allows a local attacker to gain access to confidential information.
local
low complexity
juniper CWE-522
5.5
2019-10-09 CVE-2019-0071 Improper Validation of Integrity Check Value vulnerability in Juniper Junos 18.1/18.3
Veriexec is a kernel-based file integrity subsystem in Junos OS that ensures only authorized binaries are able to be executed.
local
low complexity
juniper CWE-354
7.8
2019-10-09 CVE-2019-0070 Improper Input Validation vulnerability in Juniper Junos
An Improper Input Validation weakness allows a malicious local attacker to elevate their permissions to take control of other portions of the NFX platform they should not be able to access, and execute commands outside their authorized scope of control.
local
low complexity
juniper CWE-20
8.8
2019-10-09 CVE-2019-0069 Cleartext Transmission of Sensitive Information vulnerability in Juniper Junos
On EX4600, QFX5100 Series, NFX Series, QFX10K Series, QFX5110, QFX5200 Series, QFX5110, QFX5200, QFX10K Series, vSRX, SRX1500, SRX4000 Series, vSRX, SRX1500, SRX4000, QFX5110, QFX5200, QFX10K Series, when the user uses console management port to authenticate, the credentials used during device authentication are written to a log file in clear text.
local
low complexity
juniper CWE-319
5.5
2019-10-09 CVE-2019-0068 Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos
The SRX flowd process, responsible for packet forwarding, may crash and restart when processing specific multicast packets.
network
low complexity
juniper CWE-754
7.5
2019-10-09 CVE-2019-0067 Unspecified vulnerability in Juniper Junos 16.1/16.2/17.1
Receipt of a specific link-local IPv6 packet destined to the RE may cause the system to crash and restart (vmcore).
low complexity
juniper
6.5
2019-10-09 CVE-2019-0066 Unspecified vulnerability in Juniper Junos
An unexpected status return value weakness in the Next-Generation Multicast VPN (NG-mVPN) service of Juniper Networks Junos OS allows attacker to cause a Denial of Service (DoS) condition and core the routing protocol daemon (rpd) process when a specific malformed IPv4 packet is received by the device running BGP.
network
low complexity
juniper
7.5