Vulnerabilities > Juniper
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-07-15 | CVE-2021-0288 | Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos A vulnerability in the processing of specific MPLS packets in Juniper Networks Junos OS on MX Series and EX9200 Series devices with Trio-based MPCs (Modular Port Concentrators) may cause FPC to crash and lead to a Denial of Service (DoS) condition. | 6.5 |
2021-07-15 | CVE-2021-0289 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Juniper Junos When user-defined ARP Policer is configured and applied on one or more Aggregated Ethernet (AE) interface units, a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability between the Device Control Daemon (DCD) and firewall process (dfwd) daemons of Juniper Networks Junos OS allows an attacker to bypass the user-defined ARP Policer. | 5.3 |
2021-07-15 | CVE-2021-0290 | Improper Handling of Exceptional Conditions vulnerability in Juniper Junos Improper Handling of Exceptional Conditions in Ethernet interface frame processing of Juniper Networks Junos OS allows an attacker to send specially crafted frames over the local Ethernet segment, causing the interface to go into a down state, resulting in a Denial of Service (DoS) condition. | 6.5 |
2021-07-15 | CVE-2021-0291 | Information Exposure vulnerability in Juniper Junos 15.1/17.3/17.4 An Exposure of System Data vulnerability in Juniper Networks Junos OS and Junos OS Evolved, where a sensitive system-level resource is not being sufficiently protected, allows a network-based unauthenticated attacker to send specific traffic which partially reaches this resource. | 6.5 |
2021-07-15 | CVE-2021-0292 | Resource Exhaustion vulnerability in Juniper Junos OS Evolved 19.4/20.1/20.2 An Uncontrolled Resource Consumption vulnerability in the ARP daemon (arpd) and Network Discovery Protocol (ndp) process of Juniper Networks Junos OS Evolved allows a malicious attacker on the local network to consume memory resources, ultimately resulting in a Denial of Service (DoS) condition. | 6.5 |
2021-07-15 | CVE-2021-0293 | Memory Leak vulnerability in Juniper Junos A vulnerability in Juniper Networks Junos OS caused by Missing Release of Memory after Effective Lifetime leads to a memory leak each time the CLI command 'show system connections extensive' is executed. | 5.5 |
2021-07-15 | CVE-2021-0294 | Unspecified vulnerability in Juniper Junos 18.4 A vulnerability in Juniper Networks Junos OS, which only affects the release 18.4R2-S5, where a function is inconsistently implemented on Juniper Networks Junos QFX5000 Series and EX4600 Series, and if "storm-control enhanced" is configured, can lead to the enhanced storm control filter group not be installed. | 5.3 |
2021-07-15 | CVE-2021-0295 | Incorrect Comparison vulnerability in Juniper Junos A vulnerability in the Distance Vector Multicast Routing Protocol (DVMRP) of Juniper Networks Junos OS on the QFX10K Series switches allows an attacker to trigger a packet forwarding loop, leading to a partial Denial of Service (DoS). | 6.1 |
2021-04-22 | CVE-2021-0275 | Cross-site Scripting vulnerability in Juniper Junos A Cross-site Scripting (XSS) vulnerability in J-Web on Juniper Networks Junos OS allows an attacker to target another user's session thereby gaining access to the users session. | 8.8 |
2021-04-22 | CVE-2021-0273 | Infinite Loop vulnerability in Juniper Junos 15.1/15.2/16.1 An always-incorrect control flow implementation in the implicit filter terms of Juniper Networks Junos OS and Junos OS Evolved on ACX5800, EX9200 Series, MX10000 Series, MX240, MX480, MX960 devices with affected Trio line cards allows an attacker to exploit an interdependency in the PFE UCODE microcode of the Trio chipset with various line cards to cause packets destined to the devices interfaces to cause a Denial of Service (DoS) condition by looping the packet with an unreachable exit condition ('Infinite Loop'). | 5.3 |