Vulnerabilities > Juniper

DATE CVE VULNERABILITY TITLE RISK
2019-01-15 CVE-2019-0017 Unrestricted Upload of File with Dangerous Type vulnerability in Juniper Junos Space
The Junos Space application, which allows Device Image files to be uploaded, has insufficient validity checking which may allow uploading of malicious images or scripts, or other content types.
network
low complexity
juniper CWE-434
8.8
2019-01-15 CVE-2019-0016 Unspecified vulnerability in Juniper Junos Space
A malicious authenticated user may be able to delete a device from the Junos Space database without the necessary privileges through crafted Ajax interactions obtained from another legitimate delete action performed by another administrative user.
network
low complexity
juniper
6.5
2019-01-15 CVE-2019-0015 Insufficient Session Expiration vulnerability in Juniper Junos
A vulnerability in the SRX Series Service Gateway allows deleted dynamic VPN users to establish dynamic VPN connections until the device is rebooted.
network
low complexity
juniper CWE-613
5.4
2019-01-15 CVE-2019-0014 Data Processing Errors vulnerability in Juniper Junos 17.2X75/17.4/18.2
On QFX and PTX Series, receipt of a malformed packet for J-Flow sampling might crash the FPC (Flexible PIC Concentrator) process which causes all interfaces to go down.
network
low complexity
juniper CWE-19
7.5
2019-01-15 CVE-2019-0013 Data Processing Errors vulnerability in Juniper Junos
The routing protocol daemon (RPD) process will crash and restart when a specific invalid IPv4 PIM Join packet is received.
network
low complexity
juniper CWE-19
7.5
2019-01-15 CVE-2019-0012 Unspecified vulnerability in Juniper Junos
A Denial of Service (DoS) vulnerability in BGP in Juniper Networks Junos OS configured as a VPLS PE allows an attacker to craft a specific BGP message to cause the routing protocol daemon (rpd) process to crash and restart.
network
low complexity
juniper
7.5
2019-01-15 CVE-2019-0011 Unspecified vulnerability in Juniper Junos
The Junos OS kernel crashes after processing a specific incoming packet to the out of band management interface (such as fxp0, me0, em0, vme0) destined for another address.
low complexity
juniper
6.5
2019-01-15 CVE-2019-0010 Allocation of Resources Without Limits or Throttling vulnerability in Juniper Junos 12.1X46/12.3X48/15.1X49
An SRX Series Service Gateway configured for Unified Threat Management (UTM) may experience a system crash with the error message "mbuf exceed" -- an indication of memory buffer exhaustion -- due to the receipt of crafted HTTP traffic.
network
low complexity
juniper CWE-770
7.5
2019-01-15 CVE-2019-0009 Unspecified vulnerability in Juniper Junos 15.1X53/18.1/18.2
On EX2300 and EX3400 series, high disk I/O operations may disrupt the communication between the routing engine (RE) and the packet forwarding engine (PFE).
local
low complexity
juniper
5.5
2019-01-15 CVE-2019-0007 Use of Insufficiently Random Values vulnerability in Juniper Junos 15.1
The vMX Series software uses a predictable IP ID Sequence Number.
network
low complexity
juniper CWE-330
critical
10.0