Vulnerabilities > Juniper

DATE CVE VULNERABILITY TITLE RISK
2020-04-08 CVE-2020-1625 Memory Leak vulnerability in Juniper Junos
The kernel memory usage represented as "temp" via 'show system virtual-memory' may constantly increase when Integrated Routing and Bridging (IRB) is configured with multiple underlay physical interfaces, and one interface flaps.
low complexity
juniper CWE-401
3.3
2020-04-08 CVE-2020-1624 Information Exposure Through Log Files vulnerability in Juniper Junos OS Evolved 18.3/19.1
A local, authenticated user with shell can obtain the hashed values of login passwords and shared secrets via raw objmon configuration files.
local
low complexity
juniper CWE-532
2.1
2020-04-08 CVE-2020-1623 Information Exposure Through Log Files vulnerability in Juniper Junos OS Evolved 18.3/19.1/19.2
A local, authenticated user with shell can view sensitive configuration information via the ev.ops configuration file.
local
low complexity
juniper CWE-532
2.1
2020-04-08 CVE-2020-1622 Information Exposure Through Log Files vulnerability in Juniper Junos OS Evolved 18.3/19.1
A local, authenticated user with shell can obtain the hashed values of login passwords and shared secrets via the EvoSharedObjStore.
local
low complexity
juniper CWE-532
2.1
2020-04-08 CVE-2020-1621 Information Exposure Through Log Files vulnerability in Juniper Junos OS Evolved
A local, authenticated user with shell can obtain the hashed values of login passwords via configd traces.
local
low complexity
juniper CWE-532
2.1
2020-04-08 CVE-2020-1620 Information Exposure Through Log Files vulnerability in Juniper Junos OS Evolved
A local, authenticated user with shell can obtain the hashed values of login passwords via configd streamer log.
local
low complexity
juniper CWE-532
2.1
2020-04-08 CVE-2020-1619 Unspecified vulnerability in Juniper Junos
A privilege escalation vulnerability in Juniper Networks QFX10K Series, EX9200 Series, MX Series, and PTX Series with Next-Generation Routing Engine (NG-RE), allows a local authenticated high privileged user to access the underlying WRL host.
local
low complexity
juniper
4.6
2020-04-08 CVE-2020-1618 Improper Authentication vulnerability in Juniper Junos
On Juniper Networks EX and QFX Series, an authentication bypass vulnerability may allow a user connected to the console port to login as root without any password.
6.9
2020-04-08 CVE-2020-1617 Improper Initialization vulnerability in Juniper Junos
This issue occurs on Juniper Networks Junos OS devices which do not support Advanced Forwarding Interface (AFI) / Advanced Forwarding Toolkit (AFT).
network
low complexity
juniper CWE-665
7.8
2020-04-08 CVE-2020-1616 Improper Restriction of Excessive Authentication Attempts vulnerability in Juniper products
Due to insufficient server-side login attempt limit enforcement, a vulnerability in the SSH login service of Juniper Networks Juniper Advanced Threat Prevention (JATP) Series and Virtual JATP (vJATP) devices allows an unauthenticated, remote attacker to perform multiple login attempts in excess of the configured login attempt limit.
network
low complexity
juniper CWE-307
5.0