Vulnerabilities > Juniper
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-22 | CVE-2018-0015 | Missing Authorization vulnerability in Juniper Appformix A malicious user with unrestricted access to the AppFormix application management platform may be able to access a Python debug console and execute system commands with root privilege. | 7.5 |
| 2018-01-10 | CVE-2018-0014 | Information Exposure vulnerability in Juniper Screenos Juniper Networks ScreenOS devices do not pad Ethernet packets with zeros, and thus some packets can contain fragments of system memory or data from previous packets. | 6.5 |
| 2018-01-10 | CVE-2018-0013 | Information Exposure vulnerability in Juniper Junos Space A local file inclusion vulnerability in Juniper Networks Junos Space Network Management Platform may allow an authenticated user to retrieve files from the system. | 6.5 |
| 2018-01-10 | CVE-2018-0012 | Unspecified vulnerability in Juniper Junos Space Junos Space is affected by a privilege escalation vulnerability that may allow a local authenticated attacker to gain root privileges. | 7.8 |
| 2018-01-10 | CVE-2018-0011 | Cross-site Scripting vulnerability in Juniper Junos Space A reflected cross site scripting (XSS) vulnerability in Junos Space may potentially allow a remote authenticated user to inject web script or HTML and steal sensitive data and credentials from a session, and to perform administrative actions on the Junos Space network management device. | 5.4 |
| 2018-01-10 | CVE-2018-0010 | Improper Privilege Management vulnerability in Juniper Junos Space A vulnerability in the Juniper Networks Junos Space Security Director allows a user who does not have SSH access to a device to reuse the URL that was created for another user to perform SSH access. | 6.5 |
| 2018-01-10 | CVE-2018-0009 | Unspecified vulnerability in Juniper Junos 12.1X46/12.3X48/15.1X49 On Juniper Networks SRX series devices, firewall rules configured to match custom application UUIDs starting with zeros can match all TCP traffic. | 5.9 |
| 2018-01-10 | CVE-2018-0008 | Improper Authentication vulnerability in Juniper Junos An unauthenticated root login may allow upon reboot when a commit script is used. | 6.2 |
| 2018-01-10 | CVE-2018-0007 | Command Injection vulnerability in Juniper Junos An unauthenticated network-based attacker able to send a maliciously crafted LLDP packet to the local segment, through a local segment broadcast, may be able to cause a Junos device to enter an improper boundary check condition allowing a memory corruption to occur, leading to a denial of service. | 9.8 |
| 2018-01-10 | CVE-2018-0006 | Allocation of Resources Without Limits or Throttling vulnerability in Juniper Junos A high rate of VLAN authentication attempts sent from an adjacent host on the local broadcast domain can trigger high memory utilization by the BBE subscriber management daemon (bbe-smgd), and lead to a denial of service condition. | 5.3 |