Vulnerabilities > Juniper
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-04-24 | CVE-2017-2334 | Information Exposure vulnerability in Juniper Northstar Controller 2.1.0 An information leak vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a network-based malicious attacker to perform a man-in-the-middle attack, thereby stealing authentic credentials from encrypted paths which are easily decrypted, and subsequently gain complete control of the system. | 7.5 |
2017-04-24 | CVE-2017-2333 | Resource Exhaustion vulnerability in Juniper Northstar Controller 2.1.0 A persistent denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a malicious, network-based, authenticated attacker to consume enough system resources to cause a persistent denial of service by visiting certain specific URLs on the server. | 6.5 |
2017-04-24 | CVE-2017-2332 | Improper Authentication vulnerability in Juniper Northstar Controller 2.1.0 An insufficient authentication vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a malicious, network based, unauthenticated attacker to perform privileged actions to gain complete control over the environment. | 8.8 |
2017-04-24 | CVE-2017-2331 | Unspecified vulnerability in Juniper Northstar Controller 2.1.0 A firewall bypass vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a network-based malicious attacker to bypass firewall policies, leading to authentication bypass methods, information disclosure, modification of system files, and denials of service. | 7.3 |
2017-04-24 | CVE-2017-2330 | Excessive Iteration vulnerability in Juniper Northstar Controller 2.1.0 A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unauthenticated, local user, to create a fork bomb scenario, also known as a rabbit virus, or wabbit, which will create processes that replicate themselves, until all resources are consumed on the system, leading to a denial of service to the entire system until it is restarted. | 6.2 |
2017-04-24 | CVE-2017-2329 | Improper Authentication vulnerability in Juniper Northstar Controller 2.1.0 An insufficient authentication vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unprivileged, authenticated, user to execute certain specific unprivileged system files capable of causing widespread denials of system services. | 6.2 |
2017-04-24 | CVE-2017-2328 | Information Exposure vulnerability in Juniper Northstar Controller 2.1.0 An information leak vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unprivileged, authenticated, user to elevate their permissions through reading unprivileged information stored in the NorthStar controller. | 5.5 |
2017-04-24 | CVE-2017-2327 | Resource Exhaustion vulnerability in Juniper Northstar Controller 2.1.0 A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an authenticated malicious user to consume large amounts of system resources leading to a cascading denial of services. | 5.5 |
2017-04-24 | CVE-2017-2326 | Information Exposure vulnerability in Juniper Northstar Controller 2.1.0 An information disclosure vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unprivileged, authenticated, network-based attacker to replicate the underlying Junos OS VM and all data it maintains to their local system for future analysis. | 6.5 |
2017-04-24 | CVE-2017-2325 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Juniper Northstar Controller 2.1.0 A buffer overflow vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an authenticated malicious user to cause a buffer overflow leading to a denial of service. | 6.5 |