Vulnerabilities > Juniper
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-24 | CVE-2017-2324 | Command Injection vulnerability in Juniper Northstar Controller 2.1.0 A command injection vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a network-based malicious attacker to cause a denial of service condition. | 5.3 |
| 2017-04-24 | CVE-2017-2323 | Unspecified vulnerability in Juniper Northstar Controller 2.1.0 A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a malicious attacker crafting packets destined to the device to cause a persistent denial of service to the path computation server service. | 7.5 |
| 2017-04-24 | CVE-2017-2321 | Unspecified vulnerability in Juniper Northstar Controller 2.1.0 A vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unauthenticated, unprivileged, network-based attacker to cause various system services partial to full denials of services, modification of system states and files, and potential disclosure of sensitive information which may assist the attacker in further attacks on the system through the use of multiple attack vectors, including man-in-the-middle attacks, file injections, and malicious execution of commands causing out of bound memory conditions leading to other attacks. | 8.6 |
| 2017-04-24 | CVE-2017-2320 | Information Exposure vulnerability in Juniper Northstar Controller 2.1.0 A vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unauthenticated, unprivileged, network-based attacker to cause various denials of services leading to targeted information disclosure, modification of any component of the NorthStar system, including managed systems, and full denial of services to any systems under management which NorthStar interacts with using read-only or read-write credentials. | 10.0 |
| 2017-04-24 | CVE-2017-2319 | Improper Authentication vulnerability in Juniper Northstar Controller 2.1.0 A vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow a malicious attacker to compromise the systems confidentiality or integrity without authentication, leading to managed systems being compromised or services being denied to authentic end users and systems as a result. | 8.3 |
| 2017-04-24 | CVE-2017-2318 | Information Exposure vulnerability in Juniper Northstar Controller 2.1.0 A vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an authenticated malicious user to read log files which will compromise the integrity of the system, or provide elevation of privileges. | 6.5 |
| 2017-04-24 | CVE-2017-2317 | Information Exposure vulnerability in Juniper Northstar Controller 2.1.0 A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unauthenticated, unprivileged, network-based attacker to cause denials of services to underlying database tables leading to potential information disclosure, modification of system states, and partial to full denial of services relying upon data modified by an attacker. | 8.6 |
| 2017-04-24 | CVE-2017-2316 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Juniper Northstar Controller 2.1.0 A buffer overflow vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an authenticated malicious user to cause a buffer overflow leading to a denial of service. | 6.5 |
| 2017-04-24 | CVE-2017-2315 | Missing Release of Resource after Effective Lifetime vulnerability in Juniper Junos On Juniper Networks EX Series Ethernet Switches running affected Junos OS versions, a vulnerability in IPv6 processing has been discovered that may allow a specially crafted IPv6 Neighbor Discovery (ND) packet destined to an EX Series Ethernet Switch to cause a slow memory leak. | 7.5 |
| 2017-04-24 | CVE-2017-2313 | Improper Input Validation vulnerability in Juniper Junos Juniper Networks devices running affected Junos OS versions may be impacted by the receipt of a crafted BGP UPDATE which can lead to an rpd (routing process daemon) crash and restart. | 7.5 |