Vulnerabilities > Juniper

DATE CVE VULNERABILITY TITLE RISK
2017-04-24 CVE-2017-2330 Excessive Iteration vulnerability in Juniper Northstar Controller 2.1.0
A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unauthenticated, local user, to create a fork bomb scenario, also known as a rabbit virus, or wabbit, which will create processes that replicate themselves, until all resources are consumed on the system, leading to a denial of service to the entire system until it is restarted.
local
low complexity
juniper CWE-834
6.2
2017-04-24 CVE-2017-2329 Improper Authentication vulnerability in Juniper Northstar Controller 2.1.0
An insufficient authentication vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unprivileged, authenticated, user to execute certain specific unprivileged system files capable of causing widespread denials of system services.
local
low complexity
juniper CWE-287
6.2
2017-04-24 CVE-2017-2328 Information Exposure vulnerability in Juniper Northstar Controller 2.1.0
An information leak vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unprivileged, authenticated, user to elevate their permissions through reading unprivileged information stored in the NorthStar controller.
local
low complexity
juniper CWE-200
5.5
2017-04-24 CVE-2017-2327 Resource Exhaustion vulnerability in Juniper Northstar Controller 2.1.0
A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an authenticated malicious user to consume large amounts of system resources leading to a cascading denial of services.
local
low complexity
juniper CWE-400
5.5
2017-04-24 CVE-2017-2326 Information Exposure vulnerability in Juniper Northstar Controller 2.1.0
An information disclosure vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unprivileged, authenticated, network-based attacker to replicate the underlying Junos OS VM and all data it maintains to their local system for future analysis.
network
low complexity
juniper CWE-200
6.5
2017-04-24 CVE-2017-2325 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Juniper Northstar Controller 2.1.0
A buffer overflow vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an authenticated malicious user to cause a buffer overflow leading to a denial of service.
network
low complexity
juniper CWE-119
6.5
2017-04-24 CVE-2017-2324 Command Injection vulnerability in Juniper Northstar Controller 2.1.0
A command injection vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a network-based malicious attacker to cause a denial of service condition.
network
low complexity
juniper CWE-77
5.3
2017-04-24 CVE-2017-2323 Unspecified vulnerability in Juniper Northstar Controller 2.1.0
A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a malicious attacker crafting packets destined to the device to cause a persistent denial of service to the path computation server service.
network
low complexity
juniper
7.5
2017-04-24 CVE-2017-2321 Unspecified vulnerability in Juniper Northstar Controller 2.1.0
A vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unauthenticated, unprivileged, network-based attacker to cause various system services partial to full denials of services, modification of system states and files, and potential disclosure of sensitive information which may assist the attacker in further attacks on the system through the use of multiple attack vectors, including man-in-the-middle attacks, file injections, and malicious execution of commands causing out of bound memory conditions leading to other attacks.
network
low complexity
juniper
8.6
2017-04-24 CVE-2017-2320 Information Exposure vulnerability in Juniper Northstar Controller 2.1.0
A vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unauthenticated, unprivileged, network-based attacker to cause various denials of services leading to targeted information disclosure, modification of any component of the NorthStar system, including managed systems, and full denial of services to any systems under management which NorthStar interacts with using read-only or read-write credentials.
network
low complexity
juniper CWE-200
critical
10.0