Vulnerabilities > Juniper
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-11 | CVE-2018-0024 | Improper Privilege Management vulnerability in Juniper Junos An Improper Privilege Management vulnerability in a shell session of Juniper Networks Junos OS allows an authenticated unprivileged attacker to gain full control of the system. | 7.8 |
| 2018-04-11 | CVE-2018-0023 | Incorrect Default Permissions vulnerability in Juniper Jsnapy JSNAPy is an open source python version of Junos Snapshot Administrator developed by Juniper available through github. | 5.5 |
| 2018-04-11 | CVE-2018-0022 | Resource Exhaustion vulnerability in Juniper Junos A Junos device with VPLS routing-instances configured on one or more interfaces may be susceptible to an mbuf leak when processing a specific MPLS packet. | 7.5 |
| 2018-04-11 | CVE-2018-0021 | Unspecified vulnerability in Juniper Junos If all 64 digits of the connectivity association name (CKN) key or all 32 digits of the connectivity association key (CAK) key are not configured, all remaining digits will be auto-configured to 0. low complexity juniper | 8.8 |
| 2018-04-11 | CVE-2018-0020 | Improper Input Validation vulnerability in Juniper Junos Junos OS may be impacted by the receipt of a malformed BGP UPDATE which can lead to a routing process daemon (rpd) crash and restart. | 7.5 |
| 2018-04-11 | CVE-2018-0019 | Improper Input Validation vulnerability in Juniper Junos A vulnerability in Junos OS SNMP MIB-II subagent daemon (mib2d) may allow a remote network based attacker to cause the mib2d process to crash resulting in a denial of service condition (DoS) for the SNMP subsystem. | 5.9 |
| 2018-04-11 | CVE-2018-0018 | Information Exposure vulnerability in Juniper Junos 12.1X46/12.3X48/15.1X49 On SRX Series devices during compilation of IDP policies, an attacker sending specially crafted packets may be able to bypass firewall rules, leading to information disclosure which an attacker may use to gain control of the target device or other internal devices, systems or services protected by the SRX Series device. | 5.9 |
| 2018-04-11 | CVE-2018-0017 | Improper Input Validation vulnerability in Juniper Junos A vulnerability in the Network Address Translation - Protocol Translation (NAT-PT) feature of Junos OS on SRX series devices may allow a certain valid IPv6 packet to crash the flowd daemon. | 6.5 |
| 2018-04-11 | CVE-2018-0016 | Unspecified vulnerability in Juniper Junos Receipt of a specially crafted Connectionless Network Protocol (CLNP) datagram destined to an interface of a Junos OS device may result in a kernel crash or lead to remote code execution. | 7.5 |
| 2018-04-05 | CVE-2014-3413 | Use of Hard-coded Credentials vulnerability in Juniper Junos Space 13.3 The MySQL server in Juniper Networks Junos Space before 13.3R1.8 has an unspecified account with a hardcoded password, which allows remote attackers to obtain sensitive information and consequently obtain administrative control by leveraging database access. | 9.8 |