Vulnerabilities > Juniper
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-10 | CVE-2018-0008 | Improper Authentication vulnerability in Juniper Junos An unauthenticated root login may allow upon reboot when a commit script is used. | 6.2 |
| 2018-01-10 | CVE-2018-0007 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Juniper Junos An unauthenticated network-based attacker able to send a maliciously crafted LLDP packet to the local segment, through a local segment broadcast, may be able to cause a Junos device to enter an improper boundary check condition allowing a memory corruption to occur, leading to a denial of service. | 10.0 |
| 2018-01-10 | CVE-2018-0006 | Allocation of Resources Without Limits or Throttling vulnerability in Juniper Junos A high rate of VLAN authentication attempts sent from an adjacent host on the local broadcast domain can trigger high memory utilization by the BBE subscriber management daemon (bbe-smgd), and lead to a denial of service condition. | 2.9 |
| 2018-01-10 | CVE-2018-0005 | Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos 14.1X53/15.1/15.1X53 QFX and EX Series switches configured to drop traffic when the MAC move limit is exceeded will forward traffic instead of dropping traffic. | 5.8 |
| 2018-01-10 | CVE-2018-0004 | Resource Exhaustion vulnerability in Juniper Junos A sustained sequence of different types of normal transit traffic can trigger a high CPU consumption denial of service condition in the Junos OS register and schedule software interrupt handler subsystem when a specific command is issued to the device. | 7.1 |
| 2018-01-10 | CVE-2018-0003 | Unspecified vulnerability in Juniper Junos A specially crafted MPLS packet received or processed by the system, on an interface configured with MPLS, will store information in the system memory. low complexity juniper | 6.1 |
| 2018-01-10 | CVE-2018-0002 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Juniper Junos On SRX Series and MX Series devices with a Service PIC with any ALG enabled, a crafted TCP/IP response packet processed through the device results in memory corruption leading to a flowd daemon crash. | 4.3 |
| 2018-01-10 | CVE-2018-0001 | Use After Free vulnerability in Juniper Junos A remote, unauthenticated attacker may be able to execute code by exploiting a use-after-free defect found in older versions of PHP through injection of crafted data via specific PHP URLs within the context of the J-Web process. | 7.5 |
| 2017-10-13 | CVE-2017-10624 | Insufficient Verification of Data Authenticity vulnerability in Juniper Junos Space 15.1/15.2 Insufficient verification of node certificates in Juniper Networks Junos Space may allow a man-in-the-middle type of attacker to make unauthorized modifications to Space database or add nodes. | 5.1 |
| 2017-10-13 | CVE-2017-10623 | Improper Authentication vulnerability in Juniper Junos Space Lack of authentication and authorization of cluster messages in Juniper Networks Junos Space may allow a man-in-the-middle type of attacker to intercept, inject or disrupt Junos Space cluster operations between two nodes. | 6.8 |