Vulnerabilities > Juniper

DATE CVE VULNERABILITY TITLE RISK
2017-04-24 CVE-2017-2334 Information Exposure vulnerability in Juniper Northstar Controller 2.1.0
An information leak vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a network-based malicious attacker to perform a man-in-the-middle attack, thereby stealing authentic credentials from encrypted paths which are easily decrypted, and subsequently gain complete control of the system.
network
high complexity
juniper CWE-200
7.5
2017-04-24 CVE-2017-2333 Resource Exhaustion vulnerability in Juniper Northstar Controller 2.1.0
A persistent denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a malicious, network-based, authenticated attacker to consume enough system resources to cause a persistent denial of service by visiting certain specific URLs on the server.
network
low complexity
juniper CWE-400
6.5
2017-04-24 CVE-2017-2332 Improper Authentication vulnerability in Juniper Northstar Controller 2.1.0
An insufficient authentication vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a malicious, network based, unauthenticated attacker to perform privileged actions to gain complete control over the environment.
network
low complexity
juniper CWE-287
8.8
2017-04-24 CVE-2017-2331 Unspecified vulnerability in Juniper Northstar Controller 2.1.0
A firewall bypass vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a network-based malicious attacker to bypass firewall policies, leading to authentication bypass methods, information disclosure, modification of system files, and denials of service.
network
low complexity
juniper
7.3
2017-04-24 CVE-2017-2330 Excessive Iteration vulnerability in Juniper Northstar Controller 2.1.0
A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unauthenticated, local user, to create a fork bomb scenario, also known as a rabbit virus, or wabbit, which will create processes that replicate themselves, until all resources are consumed on the system, leading to a denial of service to the entire system until it is restarted.
local
low complexity
juniper CWE-834
6.2
2017-04-24 CVE-2017-2329 Improper Authentication vulnerability in Juniper Northstar Controller 2.1.0
An insufficient authentication vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unprivileged, authenticated, user to execute certain specific unprivileged system files capable of causing widespread denials of system services.
local
low complexity
juniper CWE-287
6.2
2017-04-24 CVE-2017-2328 Information Exposure vulnerability in Juniper Northstar Controller 2.1.0
An information leak vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unprivileged, authenticated, user to elevate their permissions through reading unprivileged information stored in the NorthStar controller.
local
low complexity
juniper CWE-200
5.5
2017-04-24 CVE-2017-2327 Resource Exhaustion vulnerability in Juniper Northstar Controller 2.1.0
A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an authenticated malicious user to consume large amounts of system resources leading to a cascading denial of services.
local
low complexity
juniper CWE-400
5.5
2017-04-24 CVE-2017-2326 Information Exposure vulnerability in Juniper Northstar Controller 2.1.0
An information disclosure vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unprivileged, authenticated, network-based attacker to replicate the underlying Junos OS VM and all data it maintains to their local system for future analysis.
network
low complexity
juniper CWE-200
6.5
2017-04-24 CVE-2017-2325 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Juniper Northstar Controller 2.1.0
A buffer overflow vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an authenticated malicious user to cause a buffer overflow leading to a denial of service.
network
low complexity
juniper CWE-119
6.5