Vulnerabilities > Juniper
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-10 | CVE-2018-0052 | Improper Authentication vulnerability in Juniper Junos If RSH service is enabled on Junos OS and if the PAM authentication is disabled, a remote unauthenticated attacker can obtain root access to the device. | 8.1 |
| 2018-10-10 | CVE-2018-0051 | Improper Input Validation vulnerability in Juniper Junos A Denial of Service vulnerability in the SIP application layer gateway (ALG) component of Junos OS based platforms allows an attacker to crash MS-PIC, MS-MIC, MS-MPC, MS-DPC or SRX flow daemon (flowd) process. | 5.9 |
| 2018-10-10 | CVE-2018-0050 | Improper Input Validation vulnerability in Juniper Junos 14.1/14.1X53/14.2 An error handling vulnerability in Routing Protocols Daemon (RPD) of Juniper Networks Junos OS allows an attacker to cause RPD to crash. | 5.9 |
| 2018-10-10 | CVE-2018-0049 | NULL Pointer Dereference vulnerability in Juniper Junos A NULL Pointer Dereference vulnerability in Juniper Networks Junos OS allows an attacker to cause the Junos OS kernel to crash. | 7.5 |
| 2018-10-10 | CVE-2018-0048 | Resource Exhaustion vulnerability in Juniper Junos A vulnerability in the Routing Protocols Daemon (RPD) with Juniper Extension Toolkit (JET) support can allow a network based unauthenticated attacker to cause a severe memory exhaustion condition on the device. | 7.5 |
| 2018-10-10 | CVE-2018-0047 | Cross-site Scripting vulnerability in Juniper Junos Space A persistent cross-site scripting vulnerability in the UI framework used by Junos Space Security Director may allow authenticated users to inject persistent and malicious scripts. | 5.4 |
| 2018-10-10 | CVE-2018-0046 | Cross-site Scripting vulnerability in Juniper Junos Space 18.1R1 A reflected cross-site scripting vulnerability in OpenNMS included with Juniper Networks Junos Space may allow the stealing of sensitive information or session credentials from Junos Space administrators or perform administrative actions. | 6.1 |
| 2018-10-10 | CVE-2018-0045 | Improper Input Validation vulnerability in Juniper Junos Receipt of a specific Draft-Rosen MVPN control packet may cause the routing protocol daemon (RPD) process to crash and restart or may lead to remote code execution. | 8.8 |
| 2018-10-10 | CVE-2018-0044 | Improper Authentication vulnerability in Juniper Junos 18.1R2 An insecure SSHD configuration in Juniper Device Manager (JDM) and host OS on Juniper NFX Series devices may allow remote unauthenticated access if any of the passwords on the system are empty. | 8.1 |
| 2018-10-10 | CVE-2018-0043 | Improper Input Validation vulnerability in Juniper Junos Receipt of a specific MPLS packet may cause the routing protocol daemon (RPD) process to crash and restart or may lead to remote code execution. | 8.8 |