Vulnerabilities > Juniper
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-17 | CVE-2017-2344 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Juniper Junos A routine within an internal Junos OS sockets library is vulnerable to a buffer overflow. | 7.8 |
| 2017-07-17 | CVE-2017-2343 | Use of Hard-coded Credentials vulnerability in Juniper Junos 12.3X48/15.1X49 The Integrated User Firewall (UserFW) feature was introduced in Junos OS version 12.1X47-D10 on the Juniper SRX Series devices to provide simple integration of user profiles on top of the existing firewall polices. | 9.8 |
| 2017-07-17 | CVE-2017-2342 | Unspecified vulnerability in Juniper Junos 15.1X49 MACsec feature on Juniper Networks Junos OS 15.1X49 prior to 15.1X49-D100 on SRX300 series does not report errors when a secure link can not be established. low complexity juniper | 8.1 |
| 2017-07-17 | CVE-2017-2341 | Improper Authentication vulnerability in Juniper Junos An insufficient authentication vulnerability on platforms where Junos OS instances are run in a virtualized environment, may allow unprivileged users on the Junos OS instance to gain access to the host operating environment, and thus escalate privileges. | 8.8 |
| 2017-07-17 | CVE-2017-2339 | Cross-site Scripting vulnerability in Juniper Screenos 6.3.0 A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a user with the 'security' role to inject HTML/JavaScript content into the management session of other users including the administrator. | 5.4 |
| 2017-07-17 | CVE-2017-2338 | Cross-site Scripting vulnerability in Juniper Screenos 6.3.0 A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a user with the 'security' role to inject HTML/JavaScript content into the management session of other users including the administrator. | 5.4 |
| 2017-07-17 | CVE-2017-2337 | Cross-site Scripting vulnerability in Juniper Screenos 6.3.0 A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a user with the 'security' role to inject HTML/JavaScript content into the management session of other users including the administrator. | 5.4 |
| 2017-07-17 | CVE-2017-2336 | Cross-site Scripting vulnerability in Juniper Screenos 6.3.0 A reflected cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a network based attacker to inject HTML/JavaScript content into the management session of other users including the administrator. | 5.4 |
| 2017-07-17 | CVE-2017-2335 | Cross-site Scripting vulnerability in Juniper Screenos 6.3.0 A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a user with the 'security' role to inject HTML/JavaScript content into the management session of other users including the administrator. | 5.4 |
| 2017-07-17 | CVE-2017-2314 | Improper Input Validation vulnerability in Juniper Junos Receipt of a malformed BGP OPEN message may cause the routing protocol daemon (rpd) process to crash and restart. | 7.5 |