Vulnerabilities > Juniper

DATE CVE VULNERABILITY TITLE RISK
2019-10-09 CVE-2019-0054 Improper Certificate Validation vulnerability in Juniper Junos 15.1X49
An Improper Certificate Validation weakness in the SRX Series Application Identification (app-id) signature update client of Juniper Networks Junos OS allows an attacker to perform Man-in-the-Middle (MitM) attacks which may compromise the integrity and confidentiality of the device.
network
juniper CWE-295
5.8
2019-10-09 CVE-2019-0051 Improper Handling of Exceptional Conditions vulnerability in Juniper Junos
SSL-Proxy feature on SRX devices fails to handle a hardware resource limitation which can be exploited by remote SSL/TLS servers to crash the flowd daemon.
network
low complexity
juniper CWE-755
5.0
2019-10-09 CVE-2019-0050 Improper Input Validation vulnerability in Juniper Junos
Under certain heavy traffic conditions srxpfe process can crash and result in a denial of service condition for the SRX1500 device.
network
juniper CWE-20
4.3
2019-10-09 CVE-2019-0047 Cross-site Scripting vulnerability in Juniper Junos
A persistent Cross-Site Scripting (XSS) vulnerability in Junos OS J-Web interface may allow remote unauthenticated attackers to perform administrative actions on the Junos device.
network
juniper CWE-79
4.3
2019-07-22 CVE-2019-1010232 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Juniper Libslax 0.22.0
Juniper juniper/libslax libslax latest version (as of commit 084ddf6ab4a55b59dfa9a53f9c5f14d192c4f8e5 Commits on Sep 1, 2018) is affected by: Buffer Overflow.
network
juniper CWE-119
4.3
2019-07-11 CVE-2019-0053 Out-of-bounds Write vulnerability in multiple products
Insufficient validation of environment variables in the telnet client supplied in Junos OS can lead to stack-based buffer overflows, which can be exploited to bypass veriexec restrictions on Junos OS.
local
low complexity
juniper debian CWE-787
7.8
2019-07-11 CVE-2019-0052 Resource Exhaustion vulnerability in Juniper Junos
The srxpfe process may crash on SRX Series services gateways when the UTM module processes a specific fragmented HTTP packet.
network
low complexity
juniper CWE-400
7.8
2019-07-11 CVE-2019-0049 Unspecified vulnerability in Juniper Junos
On Junos devices with the BGP graceful restart helper mode enabled or the BGP graceful restart mechanism enabled, a certain sequence of BGP session restart on a remote peer that has the graceful restart mechanism enabled may cause the local routing protocol daemon (RPD) process to crash and restart.
network
low complexity
juniper
5.0
2019-07-11 CVE-2019-0048 7PK - Security Features vulnerability in Juniper Junos
On EX4300 Series switches with TCAM optimization enabled, incoming multicast traffic matches an implicit loopback filter rule first, since it has high priority.
network
low complexity
juniper CWE-254
5.0
2019-07-11 CVE-2019-0046 Resource Exhaustion vulnerability in Juniper Junos
A vulnerability in the pfe-chassisd Chassis Manager (CMLC) daemon of Juniper Networks Junos OS allows an attacker to cause a Denial of Service (DoS) to the EX4300 when specific valid broadcast packets create a broadcast storm condition when received on the me0 interface of the EX4300 Series device.
low complexity
juniper CWE-400
6.1