Vulnerabilities > Juniper
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-13 | CVE-2017-10611 | Unspecified vulnerability in Juniper Junos If extended statistics are enabled via 'set chassis extended-statistics', when executing any operation that fetches interface statistics, including but not limited to SNMP GET requests, the pfem process or the FPC may crash and restart. | 5.9 |
| 2017-10-13 | CVE-2017-10610 | Improper Input Validation vulnerability in Juniper Junos 12.1X46/12.3X48/15.1X49 On SRX Series devices, a crafted ICMP packet embedded within a NAT64 IPv6 to IPv4 tunnel may cause the flowd process to crash. | 5.9 |
| 2017-10-13 | CVE-2017-10608 | Resource Exhaustion vulnerability in Juniper Junos Any Juniper Networks SRX series device with one or more ALGs enabled may experience a flowd crash when traffic is processed by the Sun/MS-RPC ALGs. | 7.5 |
| 2017-10-13 | CVE-2017-10607 | Unspecified vulnerability in Juniper Junos 16.1 Juniper Networks Junos OS 16.1R1, and services releases based off of 16.1R1, are vulnerable to the receipt of a crafted BGP Protocol Data Unit (PDU) sent directly to the router, which can cause the RPD routing process to crash and restart. | 7.5 |
| 2017-10-13 | CVE-2017-10606 | Unspecified vulnerability in Juniper Trusted Platform Module Firmware 4.40 Version 4.40 of the TPM (Trusted Platform Module) firmware on Juniper Networks SRX300 Series has a weakness in generating cryptographic keys that may allow an attacker to decrypt sensitive information in SRX300 Series products. | 4.4 |
| 2017-10-13 | CVE-2016-4925 | Data Processing Errors vulnerability in Juniper Junose Receipt of a specifically malformed IPv6 packet processed by the router may trigger a line card reset: processor exception 0x68616c74 (halt) in task: scheduler. | 7.5 |
| 2017-10-13 | CVE-2016-4924 | Permission Issues vulnerability in Juniper Junos 14.1/15.1 An incorrect permissions vulnerability in Juniper Networks Junos OS on vMX may allow local unprivileged users on a host system read access to vMX or vPFE images and obtain sensitive information contained in them such as private cryptographic keys. | 5.5 |
| 2017-10-13 | CVE-2016-4923 | Cross-site Scripting vulnerability in Juniper Junos Insufficient cross site scripting protection in J-Web component in Juniper Networks Junos OS may potentially allow a remote unauthenticated user to inject web script or HTML and steal sensitive data and credentials from a J-Web session and to perform administrative actions on the Junos device. | 6.1 |
| 2017-10-13 | CVE-2016-4922 | Command Injection vulnerability in Juniper Junos Certain combinations of Junos OS CLI commands and arguments have been found to be exploitable in a way that can allow unauthorized access to the operating system. | 7.8 |
| 2017-10-13 | CVE-2016-4921 | Resource Management Errors vulnerability in Juniper Junos By flooding a Juniper Networks router running Junos OS with specially crafted IPv6 traffic, all available resources can be consumed, leading to the inability to store next hop information for legitimate traffic. | 7.5 |