Vulnerabilities > Juniper

DATE CVE VULNERABILITY TITLE RISK
2019-07-11 CVE-2019-0046 Resource Exhaustion vulnerability in Juniper Junos
A vulnerability in the pfe-chassisd Chassis Manager (CMLC) daemon of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) to the EX4300 when specific valid broadcast packets create a broadcast storm condition when received on the me0 interface of the EX4300 Series device.
low complexity
juniper CWE-400
6.5
2019-04-20 CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. 6.1
2019-04-10 CVE-2019-0044 Unspecified vulnerability in Juniper Junos 12.1X46/12.3X48/15.1X49
Receipt of a specific packet on the out-of-band management interface fxp0 may cause the system to crash and restart (vmcore).
network
low complexity
juniper
7.5
2019-04-10 CVE-2019-0043 Unspecified vulnerability in Juniper Junos
In MPLS environments, receipt of a specific SNMP packet may cause the routing protocol daemon (RPD) process to crash and restart.
network
low complexity
juniper
7.5
2019-04-10 CVE-2019-0042 Unspecified vulnerability in Juniper Identity Management Service
Juniper Identity Management Service (JIMS) for Windows versions prior to 1.1.4 may send an incorrect message to associated SRX services gateways.
high complexity
juniper
4.2
2019-04-10 CVE-2019-0041 Unspecified vulnerability in Juniper Junos 18.2
On EX4300-MP Series devices with any lo0 filters applied, transit network traffic may reach the control plane via loopback interface (lo0).
network
low complexity
juniper
8.6
2019-04-10 CVE-2019-0040 Information Exposure vulnerability in Juniper Junos
On Junos OS, rpcbind should only be listening to port 111 on the internal routing instance (IRI).
network
low complexity
juniper CWE-200
critical
9.1
2019-04-10 CVE-2019-0039 Improper Restriction of Excessive Authentication Attempts vulnerability in Juniper Junos
If REST API is enabled, the Junos OS login credentials are vulnerable to brute force attacks.
network
high complexity
juniper CWE-307
8.1
2019-04-10 CVE-2019-0038 Allocation of Resources Without Limits or Throttling vulnerability in Juniper Junos
Crafted packets destined to the management interface (fxp0) of an SRX340 or SRX345 services gateway may create a denial of service (DoS) condition due to buffer space exhaustion.
low complexity
juniper CWE-770
6.5
2019-04-10 CVE-2019-0037 Unspecified vulnerability in Juniper Junos
In a Dynamic Host Configuration Protocol version 6 (DHCPv6) environment, the jdhcpd daemon may crash and restart upon receipt of certain DHCPv6 solicit messages received from a DHCPv6 client.
network
low complexity
juniper
7.5