Vulnerabilities > Juniper
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-01-15 | CVE-2019-0010 | Allocation of Resources Without Limits or Throttling vulnerability in Juniper Junos 12.1X46/12.3X48/15.1X49 An SRX Series Service Gateway configured for Unified Threat Management (UTM) may experience a system crash with the error message "mbuf exceed" -- an indication of memory buffer exhaustion -- due to the receipt of crafted HTTP traffic. | 7.5 |
| 2019-01-15 | CVE-2019-0009 | Unspecified vulnerability in Juniper Junos 15.1X53/18.1/18.2 On EX2300 and EX3400 series, high disk I/O operations may disrupt the communication between the routing engine (RE) and the packet forwarding engine (PFE). | 5.5 |
| 2019-01-15 | CVE-2019-0007 | Use of Insufficiently Random Values vulnerability in Juniper Junos 15.1 The vMX Series software uses a predictable IP ID Sequence Number. | 10.0 |
| 2019-01-15 | CVE-2019-0006 | Use of Uninitialized Resource vulnerability in Juniper Junos 14.1X53/15.1/15.1X53 A certain crafted HTTP packet can trigger an uninitialized function pointer deference vulnerability in the Packet Forwarding Engine manager (fxpc) on all EX, QFX and MX Series devices in a Virtual Chassis configuration. | 9.8 |
| 2019-01-15 | CVE-2019-0005 | Allocation of Resources Without Limits or Throttling vulnerability in Juniper Junos On EX2300, EX3400, EX4600, QFX3K and QFX5K series, firewall filter configuration cannot perform packet matching on any IPv6 extension headers. | 5.3 |
| 2019-01-15 | CVE-2019-0004 | Information Exposure Through Log Files vulnerability in Juniper Advanced Threat Prevention On Juniper ATP, the API key and the device key are logged in a file readable by authenticated local users. | 5.5 |
| 2019-01-15 | CVE-2019-0003 | Reachable Assertion vulnerability in Juniper Junos When a specific BGP flowspec configuration is enabled and upon receipt of a specific matching BGP packet meeting a specific term in the flowspec configuration, a reachable assertion failure occurs, causing the routing protocol daemon (rpd) process to crash with a core file being generated. | 5.9 |
| 2019-01-15 | CVE-2019-0002 | Unspecified vulnerability in Juniper Junos 15.1X53/18.1/18.2 On EX2300 and EX3400 series, stateless firewall filter configuration that uses the action 'policer' in combination with other actions might not take effect. | 9.8 |
| 2019-01-15 | CVE-2019-0001 | Uncontrolled Recursion vulnerability in multiple products Receipt of a malformed packet on MX Series devices with dynamic vlan configuration can trigger an uncontrolled recursion loop in the Broadband Edge subscriber management daemon (bbe-smgd), and lead to high CPU usage and a crash of the bbe-smgd service. | 7.5 |
| 2018-10-10 | CVE-2018-0063 | Resource Exhaustion vulnerability in Juniper Junos 17.3 A vulnerability in the IP next-hop index database in Junos OS 17.3R3 may allow a flood of ARP requests, sent to the management interface, to exhaust the private Internal routing interfaces (IRIs) next-hop limit. | 6.5 |