Vulnerabilities > Juniper
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-22 | CVE-2021-0272 | Memory Leak vulnerability in Juniper Junos A kernel memory leak in QFX10002-32Q, QFX10002-60C, QFX10002-72Q, QFX10008, QFX10016 devices Flexible PIC Concentrators (FPCs) on Juniper Networks Junos OS allows an attacker to send genuine packets destined to the device to cause a Denial of Service (DoS) to the device. | 6.5 |
| 2021-04-22 | CVE-2021-0271 | Double Free vulnerability in Juniper Junos 12.3/15.1 A Double Free vulnerability in the software forwarding interface daemon (sfid) process of Juniper Networks Junos OS allows an adjacently-connected attacker to cause a Denial of Service (DoS) by sending a crafted ARP packet to the device. | 6.5 |
| 2021-04-22 | CVE-2021-0270 | Use After Free vulnerability in Juniper Junos 18.1 On PTX Series and QFX10k Series devices with the "inline-jflow" feature enabled, a use after free weakness in the Packet Forwarding Engine (PFE) microkernel architecture of Juniper Networks Junos OS may allow an attacker to cause a Denial of Service (DoS) condition whereby one or more Flexible PIC Concentrators (FPCs) may restart. | 5.9 |
| 2021-04-22 | CVE-2021-0269 | Unspecified vulnerability in Juniper Junos The improper handling of client-side parameters in J-Web of Juniper Networks Junos OS allows an attacker to perform a number of different malicious actions against a target device when a user is authenticated to J-Web. | 8.8 |
| 2021-04-22 | CVE-2021-0268 | Injection vulnerability in Juniper Junos An Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') weakness in J-web of Juniper Networks Junos OS leads to buffer overflows, segment faults, or other impacts, which allows an attacker to modify the integrity of the device and exfiltration information from the device without authentication. | 9.3 |
| 2021-04-22 | CVE-2021-0267 | Improper Input Validation vulnerability in Juniper Junos An Improper Input Validation vulnerability in the active-lease query portion in JDHCPD's DHCP Relay Agent of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) by sending a crafted DHCP packet to the device thereby crashing the jdhcpd DHCP service. | 6.5 |
| 2021-04-22 | CVE-2021-0266 | Use of Hard-coded Credentials vulnerability in Juniper Junos 20.2/20.3/20.4 The use of multiple hard-coded cryptographic keys in cSRX Series software in Juniper Networks Junos OS allows an attacker to take control of any instance of a cSRX deployment through device management services. | 9.8 |
| 2021-04-22 | CVE-2021-0265 | OS Command Injection vulnerability in Juniper Appformix An unvalidated REST API in the AppFormix Agent of Juniper Networks AppFormix allows an unauthenticated remote attacker to execute commands as root on the host running the AppFormix Agent, when certain preconditions are performed by the attacker, thus granting the attacker full control over the environment. | 8.1 |
| 2021-04-22 | CVE-2021-0264 | Improper Handling of Exceptional Conditions vulnerability in Juniper Junos and Junos OS Evolved A vulnerability in the processing of traffic matching a firewall filter containing a syslog action in Juniper Networks Junos OS on MX Series with MPC10/MPC11 cards installed, PTX10003 and PTX10008 Series devices, will cause the line card to crash and restart, creating a Denial of Service (DoS). | 7.5 |
| 2021-04-22 | CVE-2021-0263 | Unspecified vulnerability in Juniper Junos A Data Processing vulnerability in the Multi-Service process (multi-svcs) on the FPC of Juniper Networks Junos OS on the PTX Series routers may lead to the process becoming unresponsive, ultimately affecting traffic forwarding, allowing an attacker to cause a Denial of Service (DoS) condition . | 5.9 |