Vulnerabilities > Juniper
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-15 | CVE-2021-0211 | Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos An improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS Evolved Routing Protocol Daemon (RPD) service allows an attacker to send a valid BGP FlowSpec message thereby causing an unexpected change in the route advertisements within the BGP FlowSpec domain leading to disruptions in network traffic causing a Denial of Service (DoS) condition. | 10.0 |
| 2021-01-15 | CVE-2021-0210 | Information Exposure vulnerability in Juniper Junos An Information Exposure vulnerability in J-Web of Juniper Networks Junos OS allows an unauthenticated attacker to elevate their privileges over the target system through opportunistic use of an authenticated users session. | 6.8 |
| 2021-01-15 | CVE-2021-0209 | Access of Uninitialized Pointer vulnerability in Juniper Junos OS Evolved 19.4/20.1 In Juniper Networks Junos OS Evolved an attacker sending certain valid BGP update packets may cause Junos OS Evolved to access an uninitialized pointer causing RPD to core leading to a Denial of Service (DoS). | 6.5 |
| 2021-01-15 | CVE-2021-0208 | Improper Input Validation vulnerability in Juniper Junos An improper input validation vulnerability in the Routing Protocol Daemon (RPD) service of Juniper Networks Junos OS allows an attacker to send a malformed RSVP packet when bidirectional LSPs are in use, which when received by an egress router crashes the RPD causing a Denial of Service (DoS) condition. | 8.8 |
| 2021-01-15 | CVE-2021-0207 | Interpretation Conflict vulnerability in Juniper Junos An improper interpretation conflict of certain data between certain software components within the Juniper Networks Junos OS devices does not allow certain traffic to pass through the device upon receipt from an ingress interface filtering certain specific types of traffic which is then being redirected to an egress interface on a different VLAN. | 7.5 |
| 2021-01-15 | CVE-2021-0206 | NULL Pointer Dereference vulnerability in Juniper Junos A NULL Pointer Dereference vulnerability in Juniper Networks Junos OS allows an attacker to send a specific packet causing the packet forwarding engine (PFE) to crash and restart, resulting in a Denial of Service (DoS). | 7.5 |
| 2021-01-15 | CVE-2021-0205 | Unspecified vulnerability in Juniper Junos When the "Intrusion Detection Service" (IDS) feature is configured on Juniper Networks MX series with a dynamic firewall filter using IPv6 source or destination prefix, it may incorrectly match the prefix as /32, causing the filter to block unexpected traffic. | 5.8 |
| 2021-01-15 | CVE-2021-0204 | Improper Privilege Management vulnerability in Juniper Junos A sensitive information disclosure vulnerability in delta-export configuration utility (dexp) of Juniper Networks Junos OS may allow a locally authenticated shell user the ability to create and read database files generated by the dexp utility, including password hashes of local users. | 7.8 |
| 2021-01-15 | CVE-2021-0203 | Unspecified vulnerability in Juniper Junos On Juniper Networks EX and QFX5K Series platforms configured with Redundant Trunk Group (RTG), Storm Control profile applied on the RTG interface might not take affect when it reaches the threshold condition. | 8.6 |
| 2021-01-15 | CVE-2021-0202 | Memory Leak vulnerability in Juniper Junos On Juniper Networks MX Series and EX9200 Series platforms with Trio-based MPC (Modular Port Concentrator) where Integrated Routing and Bridging (IRB) interface is configured and it is mapped to a VPLS instance or a Bridge-Domain, certain network events at Customer Edge (CE) device may cause memory leak in the MPC which can cause an out of memory and MPC restarts. | 7.5 |