Vulnerabilities > Juniper
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-13 | CVE-2017-10614 | Resource Exhaustion vulnerability in Juniper Junos A vulnerability in telnetd service on Junos OS allows a remote attacker to cause a limited memory and/or CPU consumption denial of service attack. | 7.5 |
| 2017-10-13 | CVE-2017-10613 | Resource Exhaustion vulnerability in Juniper Junos A vulnerability in a specific loopback filter action command, processed in a specific logical order of operation, in a running configuration of Juniper Networks Junos OS, allows an attacker with CLI access and the ability to initiate remote sessions to the loopback interface with the defined action, to hang the kernel. | 5.5 |
| 2017-10-13 | CVE-2017-10612 | Cross-site Scripting vulnerability in Juniper Junos Space A persistent site scripting vulnerability in Juniper Networks Junos Space allows users who can change certain configuration to implant malicious Javascript or HTML which may be used to steal information or perform actions as other Junos Space users or administrators. | 8.0 |
| 2017-10-13 | CVE-2017-10611 | Unspecified vulnerability in Juniper Junos If extended statistics are enabled via 'set chassis extended-statistics', when executing any operation that fetches interface statistics, including but not limited to SNMP GET requests, the pfem process or the FPC may crash and restart. | 5.9 |
| 2017-10-13 | CVE-2017-10610 | Improper Input Validation vulnerability in Juniper Junos 12.1X46/12.3X48/15.1X49 On SRX Series devices, a crafted ICMP packet embedded within a NAT64 IPv6 to IPv4 tunnel may cause the flowd process to crash. | 5.9 |
| 2017-10-13 | CVE-2017-10608 | Resource Exhaustion vulnerability in Juniper Junos Any Juniper Networks SRX series device with one or more ALGs enabled may experience a flowd crash when traffic is processed by the Sun/MS-RPC ALGs. | 7.5 |
| 2017-10-13 | CVE-2017-10607 | Unspecified vulnerability in Juniper Junos 16.1 Juniper Networks Junos OS 16.1R1, and services releases based off of 16.1R1, are vulnerable to the receipt of a crafted BGP Protocol Data Unit (PDU) sent directly to the router, which can cause the RPD routing process to crash and restart. | 7.5 |
| 2017-10-13 | CVE-2017-10606 | Unspecified vulnerability in Juniper Trusted Platform Module Firmware 4.40 Version 4.40 of the TPM (Trusted Platform Module) firmware on Juniper Networks SRX300 Series has a weakness in generating cryptographic keys that may allow an attacker to decrypt sensitive information in SRX300 Series products. | 4.4 |
| 2017-10-13 | CVE-2016-4925 | Data Processing Errors vulnerability in Juniper Junose Receipt of a specifically malformed IPv6 packet processed by the router may trigger a line card reset: processor exception 0x68616c74 (halt) in task: scheduler. | 7.5 |
| 2017-10-13 | CVE-2016-4924 | Permission Issues vulnerability in Juniper Junos 14.1/15.1 An incorrect permissions vulnerability in Juniper Networks Junos OS on vMX may allow local unprivileged users on a host system read access to vMX or vPFE images and obtain sensitive information contained in them such as private cryptographic keys. | 5.5 |